research-article

An In-VM Measuring Framework for Increasing Virtual Machine Security in Clouds

Authors:

Qian Liu,

Chuliang Weng,

Minglu Li,

Yuan LuoAuthors Info & Claims

IEEE Security and Privacy, Volume 8, Issue 6

Pages 56 - 62

https://doi.org/10.1109/MSP.2010.143

Published: 01 November 2010 Publication History

Publisher Site

Abstract

Cloud computing uses a virtual, nonlocal system for storage and computation. The creation of individual virtual machines (VMs) in the larger system is an important foundation for cloud computing, especially in the delivery of software as a service (SaaS). The biggest challenge for SaaS cloud-computing systems is maintaining user-level security in VMs. A proposed in-VM measuring framework confirms the status of user-level applications launched in guest VMs. A measurement module measures the executable and transfers the values to a trusted VM, which stores them in a measurement table. Comparing those values to a reference table containing the trusted measurement values of running executables verifies the executable's status. This framework relies on the system's Trusted Platform Module to guarantee the two tables' integrity. In addition, a memory watcher module confirms the measurement module's status. A working prototype of the framework based on the Xen VM monitor showed good efficiency.

Cited By

View all

Saravanakumar CGeetha MManoj Kumar SManikandan SArun CSrivatsan K(2021)An Efficient Technique for Virtual Machine Clustering and Communications Using Task-Based Scheduling in Cloud ComputingScientific Programming10.1155/2021/55865212021Online publication date: 1-Jan-2021
https://dl.acm.org/doi/10.1155/2021/5586521
Gao Z(2021)Research on Cloud Computing Data Center Management and Resource Virtualization Technology2021 4th International Conference on Information Systems and Computer Aided Education10.1145/3482632.3484100(2067-2070)Online publication date: 24-Sep-2021
https://dl.acm.org/doi/10.1145/3482632.3484100
Mohan PChelliah S(2017)An Authentication Technique for Accessing De-Duplicated Data from Private Cloud using One Time PasswordInternational Journal of Information Security and Privacy10.4018/IJISP.201704010111:2(1-10)Online publication date: 1-Apr-2017
https://dl.acm.org/doi/10.4018/IJISP.2017040101
Show More Cited By

Recommendations

Post-copy based live virtual machine migration using adaptive pre-paging and dynamic self-ballooning
VEE '09: Proceedings of the 2009 ACM SIGPLAN/SIGOPS international conference on Virtual execution environments

We present the design, implementation, and evaluation of post-copy based live migration for virtual machines (VMs) across a Gigabit LAN. Live migration is an indispensable feature in today's virtualization technologies. Post-copy migration defers the ...
Cost of Virtual Machine Live Migration in Clouds: A Performance Evaluation
CloudCom '09: Proceedings of the 1st International Conference on Cloud Computing

Virtualization has become commonplace in modern data centers, often referred as "computing clouds". The capability of virtual machine live migration brings benefits such as improved performance, manageability and fault tolerance, while allowing workload ...
Post-copy live migration of virtual machines

We present the design, implementation, and evaluation of post-copy based live migration for virtual machines (VMs) across a Gigabit LAN. Post-copy migration defers the transfer of a VM's memory contents until after its processor state has been sent to ...

Comments

Information & Contributors

Information

Published In

IEEE Security and Privacy Volume 8, Issue 6

November 2010

89 pages

ISSN:1540-7993

Issue’s Table of Contents

Publisher

IEEE Educational Activities Department

United States

Publication History

Published: 01 November 2010

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

11
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 20 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Saravanakumar CGeetha MManoj Kumar SManikandan SArun CSrivatsan K(2021)An Efficient Technique for Virtual Machine Clustering and Communications Using Task-Based Scheduling in Cloud ComputingScientific Programming10.1155/2021/55865212021Online publication date: 1-Jan-2021
https://dl.acm.org/doi/10.1155/2021/5586521
Gao Z(2021)Research on Cloud Computing Data Center Management and Resource Virtualization Technology2021 4th International Conference on Information Systems and Computer Aided Education10.1145/3482632.3484100(2067-2070)Online publication date: 24-Sep-2021
https://dl.acm.org/doi/10.1145/3482632.3484100
Mohan PChelliah S(2017)An Authentication Technique for Accessing De-Duplicated Data from Private Cloud using One Time PasswordInternational Journal of Information Security and Privacy10.4018/IJISP.201704010111:2(1-10)Online publication date: 1-Apr-2017
https://dl.acm.org/doi/10.4018/IJISP.2017040101
Ramachandran KLutfiyya H(2017)A remote attestation infrastructure for verifying the application of software updates2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM)10.23919/INM.2017.7987294(317-325)Online publication date: 8-May-2017
https://dl.acm.org/doi/10.23919/INM.2017.7987294
Khan SParkinson SCrampton AAnjum ASill AFox GChen Y(2017)A Multi-layered Cloud Protection FrameworkCompanion Proceedings of the10th International Conference on Utility and Cloud Computing10.1145/3147234.3148098(233-238)Online publication date: 5-Dec-2017
https://dl.acm.org/doi/10.1145/3147234.3148098
Geng XZeng XHu LGuo Z(2017)An Novel Architecture and Inter-process Communication Scheme to Adapt Chromium Based on Docker ContainerProcedia Computer Science10.1016/j.procs.2017.03.149107:C(691-696)Online publication date: 1-Apr-2017
https://dl.acm.org/doi/10.1016/j.procs.2017.03.149
(2017)CITJournal of Network and Computer Applications10.1016/j.jnca.2016.12.00985:C(32-46)Online publication date: 1-May-2017
https://dl.acm.org/doi/10.1016/j.jnca.2016.12.009
Chuliang Weng Jianfeng Zhan Yuan Luo (2015)TSAC: Enforcing Isolation ofVirtual Machines in CloudsIEEE Transactions on Computers10.1109/TC.2014.232260864:5(1470-1482)Online publication date: 3-Apr-2015
https://dl.acm.org/doi/10.1109/TC.2014.2322608
Poore JFlores JAtkison TSaad A(2013)Evolution of digital forensics in virtualization by using virtual machine introspectionProceedings of the 51st annual ACM Southeast Conference10.1145/2498328.2500078(1-6)Online publication date: 4-Apr-2013
https://dl.acm.org/doi/10.1145/2498328.2500078
Cruz JAtkison TSmith RVrbsky S(2012)Evolution of traditional digital forensics in virtualizationProceedings of the 50th annual ACM Southeast Conference10.1145/2184512.2184518(18-23)Online publication date: 29-Mar-2012
https://dl.acm.org/doi/10.1145/2184512.2184518
Show More Cited By

Abstract

Cited By

Recommendations

Post-copy based live virtual machine migration using adaptive pre-paging and dynamic self-ballooning

Cost of Virtual Machine Live Migration in Clouds: A Performance Evaluation

Post-copy live migration of virtual machines

Comments

Information

Published In

Publisher

Publication History

Author Tags

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations