Networks - I: Virtual firewalling for migrating virtual machines in cloud computing
Abstract/Description
Cloud Computing (CC) uses virtualization to provide computing resources on demand via Internet. Small and large organizations benefit from CC because of reduced operating costs and increase in business agility. The migrating Virtual Machine (VM) is vulnerable from attacks such as fake migration initiations, service interruptions, manipulation of data or other network attacks. Hence, during live migration any security lax in VM firewall policy can put the VM at risk. A malicious VM can further pose threat to other VMs in its host and consequently for VMs in LAN. Hardware firewalls only protect VM before and after migration. Plus, they are blind to virtual traffic. Hence, virtual firewalls (VFs) are used to secure VMs. Mostly; they are deployed at Virtual Machine Monitor-level (VMM) under Cloud provider's control. Source VMM-Ievel VF provides security to VM before the migration incurs and the destination VMM-level VF starts securing VM after migration is completed. It thus, becomes possible for attacker to use the intermediate migrating window to launch attacks on VM. This research contributes towards providing understanding of having open source virtual firewall at VM-Ievel for migrating VMs to reduce attack window of VM during the migration. The final contribution is the validation and uptime evaluation of the implemented Packet Filter firewall for VM at VM-level during migration in City Network data center. Such an approach would enable hardened security for overall VM migration.
Keywords
Location
Room M1
Session Theme
Networks - I
Session Type
Other
Session Chair
Dr. Sayeed Ghani
Start Date
15-12-2013 1:00 PM
End Date
15-12-2013 1:30 PM
Recommended Citation
Anwar, M. (2013). Networks - I: Virtual firewalling for migrating virtual machines in cloud computing. International Conference on Information and Communication Technologies. Retrieved from https://ir.iba.edu.pk/icict/2013/2013/31
COinS
Networks - I: Virtual firewalling for migrating virtual machines in cloud computing
Room M1
Cloud Computing (CC) uses virtualization to provide computing resources on demand via Internet. Small and large organizations benefit from CC because of reduced operating costs and increase in business agility. The migrating Virtual Machine (VM) is vulnerable from attacks such as fake migration initiations, service interruptions, manipulation of data or other network attacks. Hence, during live migration any security lax in VM firewall policy can put the VM at risk. A malicious VM can further pose threat to other VMs in its host and consequently for VMs in LAN. Hardware firewalls only protect VM before and after migration. Plus, they are blind to virtual traffic. Hence, virtual firewalls (VFs) are used to secure VMs. Mostly; they are deployed at Virtual Machine Monitor-level (VMM) under Cloud provider's control. Source VMM-Ievel VF provides security to VM before the migration incurs and the destination VMM-level VF starts securing VM after migration is completed. It thus, becomes possible for attacker to use the intermediate migrating window to launch attacks on VM. This research contributes towards providing understanding of having open source virtual firewall at VM-Ievel for migrating VMs to reduce attack window of VM during the migration. The final contribution is the validation and uptime evaluation of the implemented Packet Filter firewall for VM at VM-level during migration in City Network data center. Such an approach would enable hardened security for overall VM migration.