A Secure Live Virtual Machine Job Migration Framework for Cloud Systems Integrity
Mohaddes Deylami, Hanif
MetadataShow full metadata
INTRODUCTION: In the world of cloud computing (CC), security is the key to success. While ease and cost are two important factors in CC, security and technical issues are significant problems. The resources such as central processing unit (CPU) cache, network Input/Output (I/O) and memory bandwidth in a cloud environment are efficiently governed by employing virtualisation technology; the administration of a virtual machine (VM) in the datacentre of a cloud service provider (CSP) is a challenging task that requires live VM migration techniques. That is, live VM migration is an essential technology for cloud management. When a VM needs to be moved to another physical machine, this migration can be achieved without interruption to the VM’s services, minimising the downtime for the services running on the VM. This situation decreases the operating costs of CSPs and improves its service quality. Many efforts have been made to enhance the security of live VM migration. However, some critical problems still require solutions or improvements. Further, the evolution of CC services and the increasing number of datacentres from which customers can run their services make it crucial to adhere to as many security practices as possible to deal with the new CC security issues, such as the compromising of the integrity and confidentiality of the destination host while a live VM is migrating VM data. OBJECTIVES: This research’s main objective was to design and develop a secure live VM migration framework that enables a virtual trusted platform module (vTPM) for multiple VMs on a hardware platform for cloud systems integrity. First, a comprehensive review of VM migration and the related security challenges was conducted. This was followed by the examination of different potential attacks that are possible in live VM job migration. The research then focused on using a combination of a hardware-based root of trust (e.g. vTPM) and a VM-based system (e.g. Xen open-source hypervisor) to improve the integrity of VM job migration. While existing live VM migration frameworks have been proven helpful for high-security environments that rank different security objectives, such as confidentiality, integrity and availability, over performance and all the related areas, the framework proposed in this thesis aims for commercial security, with near-zero performance overheads and usability being of paramount importance. For addressing this gap, this research’s objective was to establish a live VM migration integrity framework (called Kororā) to measure, aggregate, and manage integrity-related information from different sources that are available and relevant when assessing the trustworthiness of the Kororā. Kororā enforces the live VM’s strong isolation, thus providing a robust foundation on which the higher level of integrity can enact finer-grained controls. Kororā significantly improves the VM’s integrity level during the live migration process. The rationale behind the Kororā design phase has been provided and a lightweight prototype implementation of Kororā has been evaluated with Microsoft Visual Studio and SQLiteStudio tools. METHODS: This study has involved developing a new cloud integrity framework and ensuring this new framework could be evaluated and refined to a high standard. Research methods such as design science (DS) and mixed methods were employed to guide the study. The DS method influenced the design of the research and the evaluation methodology employed to evaluate the framework. The mixed-method was used to mature the design framework and assist with problem identification, evaluation and trust. RESULTS: The proposed framework describes the role of live VM migration and examines the formation, strength and success characteristics of VMs’ relationships in CC systems. It explores a secure cloud system live migration and provides an effective defence framework when moving jobs into a virtualised environment, from one hypervisor to another hypervisor. There were three different scenarios of real-world attacks used to evaluate the research objectives and answer the research questions and research background, and the summary of analysis results shown that Kororā can prevent the attack under vTPM protection. CONCLUSION: This study provides a robust foundational explanation of CC, virtualisation and the main core goals of security, especially integrity protection. It contributes models, processes, workflows, architecture and implementation in this area, based on the proposed framework, thus advancing the body of knowledge on the secure live migration of virtualised resources in cloud systems.