Two-Level Security Framework for Virtual Machine Migration In Cloud Computing

Yashveer Yadav*, C. Rama Krishna**
* Ph.D. Scholar, Applied Science Department of Computer Applications, I. K. Gujral Punjab Technical University, Punjab, India,
** Professor and Head, Department of Computer Science and Engineering, NITTTR, Chandigarh, India.
Periodicity:December - February'2018
DOI : https://doi.org/10.26634/jit.7.1.14095

Abstract

Cloud computing is a new generation utility computing. It provides the control to use computing as a utility which can be used anywhere at any time. It's highly elastic and can be grown or shrink according to user demand. The elasticity of computing power in cloud is based on the migration of virtual machine from overutilized servers to underutilized servers and vice-versa.Virtual machine migration (VMM) is used to reduce the power consumption of cloud environment that leads to green computing. In virtual Machine Migration, virtual machines are migrated from one physical server to another physical server that may lead to security threats like Replay, 'Time-of-Check' to 'Time-of-Use' (TOCTTOU), Resumption Ordering etc. Several experiments have been conducted by using KVM/QEMU(Kernel-based Virtual Machine/Quick Emulator) hypervisor. It is found that tampering of data by Man-In-The-Middle (MITM) is possible in information gathering phase and TOCTTOU can be injected. This may lead to serious security threat and can create hotspot at the destination host, which can degrade the performance of overall cloud experience. Hotspot is the situation where physical host is not able to fulfil the requested resources requirement. In this paper, a Two-level Security Framework has been proposed for protecting the VMM process from tampering of data and TOCTTOU problem. Further, the results of proposed technique have been compared with predefined RSA (Rivest–Shamir–Adleman) encryption and decryption technique in terms of time that can be used to protect the tampering of data in information gathering phase. The results indicate that this proposed technique reduces the time from 12.2 to 10.3 seconds (network size of 28 physical host) for protecting the data in information gathering phase of virtual machine migration process.

Keywords

Virtual Machine, Virtual Machine Placement, Two-Level Security Framework, Virtual Machine Migration.

How to Cite this Article?

Yadav, Y., & Krishna, C. R. (2018). Two-Level Security Framework for Virtual Machine Migration in Cloud Computing. i-manager’s Journal on Information Technology, 7(1), 34-44. https://doi.org/10.26634/jit.7.1.14095

References

[1]. Ayoub, O., Musumeci, F., Tornatore, M., & Pattavina, A. (2017). Efficient routing and bandwidth assignment for inter-data-center live virtual-machine migrations. IEEE/OSA Journal of Optical Communications and Networking, 9(3), B12-B21.
[2]. Bhardwaj, A., Singh, V. K., Vanraj & Narayan, Y. (2015, December). Analyzing BigData with Hadoop cluster in HDInsight azure Cloud. In IEEE India Conference (INDICON), 2015 Annual IEEE (pp. 1-5). IEEE.
[3]. Bishop, M., & Dilger, M. (1996). Checking for race conditions in file accesses. Journal on Computing Systems, 2(2), 131-152.
[4]. Buyya, R., Yeo, C. S., Venugopal, S., Broberg, J., & Brandic, I. (2009). Cloud computing and emerging IT platforms: Vision, hype, and reality for delivering th computing as the 5 utility. Journal Future Generation Computer Systems, 25(6), 599-616.
[5]. Ferreto, T. C., Netto, M. A. S., Calheiros, R. N., & De Rose, C. A. (2011). Server consolidation with migration control for virtualized data centers. Journal on Future Generation Computer Systems, 27(8), 1027-1034.
[6]. Gao, Y., Guan, H., Qi, Z., Hou, Y., & Liu, L. (2013). A multi-objective ant colony system algorithm for virtual machine placement in cloud computing. Journal of Computer and System Sciences, 79(8), 1230-1242.
[7]. Gerofi, B., Fujita, H., & Ishikawa, Y. (2010). An efficient process live migration mechanism for load balanced distributed virtual environments. In Cluster Computing (CLUSTER), 2010 IEEE International Conference on (pp. 197-206). IEEE.
[8]. Kanagavelu, R., Lee, B. S., Le, N. T. D., Mingjie, L. N., & Aung, K. M. M. (2014). Virtual machine placement with two-path traffic routing for reduced congestion in data center networks. Journal on Computer Communications, 53(1), 1-12.
[9]. Kumar, P., & Kumar, R. (2016). Optimal resource allocation approach in cloud computing environment. In Next Generation Computing Technologies (NGCT), 2016 nd 2 International Conference on (10), (pp. 112-117). IEEE.
[10]. Li, C., Raghunathan, A., & Jha, N. K. (2012). A trusted v i r t u a l ma c h i n e i n a n u n t r u s t e d ma n a g eme n t environment. IEEE Transactions on Services Computing, 5(4), 472-483.
[11]. Liu, J., Su, L., Jin, Y., Li, Y., Jin, D., & Zeng, L. (2014). Optimal VM migration planning for data centers. In Global Communications Conference (GLOBECOM), 2014 IEEE (pp. 2332-2337). IEEE.
[12]. Luo, Y., Zhang, B., Wang, X., Wang, Z., Sun, Y., & Chen, H. (2008). Live and incremental whole-system migration of virtual machines using block-bitmap. In Cluster Computing, 2008 IEEE International Conference on (pp. 99-106). IEEE.
[13]. Majhi, S. K., & Dhal, S. K. (2016a). A security context migration framework for Virtual Machine migration. In Computing and Network Communications (CoCoNet), 2015 International Conference on (pp. 452-456). IEEE.
[14]. Majhi, S. K., & Dhal, S. K. (2016b). An authentication framework for securing virtual machine migration. In Advances in Computing, Communications and Informatics (ICACCI), 2016 International Conference on (pp. 1283-1286). IEEE.
[15]. McDermott, P. J., Montrose, E. B., Li, M., Kirby, J., & Kang, H. M. (2012, October). The Xenon separation VMM: Secure virtualization infrastructure for military clouds. In Military Communications Conference, 2012-Milcom 2012 (pp. 1-6). IEEE.
[16]. McPhee, W. S. (1974). Operating system integrity in OS/VS2. IBM Systems Journal, 13(3), 230-252.
[17]. Muthunagai, S. U., Karthic, C. D., & Sujatha, S. (2012, April). Efficient access of cloud resources through virtualization techniques. In Recent Trends In Information Technology (ICRTIT), 2012 International Conference on, (pp. 174-178). IEEE.
[18]. Oh, S., Kang, M. Y., & Kang, S. (2013). Effective hotspot removal system using neural network predictor. In Asian Conference on Intelligent Information and Database Systems (pp. 478-488). Springer, Berlin, Heidelberg.
[19]. Oktay, U., Aydin, M. A., & Sahingoz, O. K. (2013). C i r c u l a r c h a i n V M p r o t e c t i o n i n A d j o i n t V M. I n Technological Advances in Electrical, Electronics and Computer Engineering (TAEECE), 2013 International Conference on (pp. 93-97). IEEE.
[20]. Osman, T. T. A., babiker, A. A., & Mustafa, N. (2015). Internal & External Attacks in cloud computing Environment from confidentiality, integrity and availability points of view. IOSR Journal of Computing Engineering, 17(2), 93-96.
[21]. Scapy. (2017). Retrieved from http://www.secdev. org/projects/scapy/.
[22]. Singh, G., & Supriya. (2013). A study of encryption algorithms (RSA, DES, 3DES and AES) for information security. International Journal of Computer Applications, 67(19), 33-38.
[23]. State of Cloud Adoption and Security 2017. (2017). Retrieved from https://www.forbes.com/sites/louis columbus/2017/04/23/2017-state-of-cloud-adoptionand-
[24]. Sulaiman, N. A. B., & Masuda, H. (2014). Evaluation of a secure live migration of virtual machines using Ipsec rd implementation. In ILAI 3 IEEE International Conference on Advanced Applied Informatics, ( pp. 687–693).
[25]. Wireshark. (2017). Retrieved from https://www. wireshark.org/.
[26]. Wu, X., Gao, Y., Tian, X., Song, Y., Guo, B., Feng, B., & Sun, Y. (2013, February). SecMon: a secure introspection framework for hardware virtualization. In Parallel, Distributed and Network-Based Processing (PDP), 2013 st 21 Euromicro International Conference on (pp. 282- 286). IEEE.
[27]. Yadav, Y., & Krishna, C. R. (2016). A Novel Approach for Virtual Machine Migration in Cloud Computing. International Journal of Computer Technology and Applications, 9(18), 8973-8980.
[28]. Zhang, F., Huang, Y., Wang, H., Chen, H., & Zang, B. (2008). PALM: security preserving VM live migration for systems with VMM-enforced protection. In Trusted Infrastructure Technologies Conference, 2008. APTC'08. Third Asia-Pacific (pp. 9-18). IEEE.
If you have access to this article please login to view the article or kindly login to purchase the article

Purchase Instant Access

Single Article

North Americas,UK,
Middle East,Europe
India Rest of world
USD EUR INR USD-ROW
Online 15 15

Options for accessing this content:
  • If you would like institutional access to this content, please recommend the title to your librarian.
    Library Recommendation Form
  • If you already have i-manager's user account: Login above and proceed to purchase the article.
  • New Users: Please register, then proceed to purchase the article.