Virtualization: An Overview Brendan Lynch. Forms of virtualization In all cases virtualization is taking a physical component and simulating the interface.

Slides:

Advertisements

Similar presentations

1 VIRTUAL MACHINES By: Sai Siddharth Kumar Dantu.

Advertisements

Unmodified Device Driver Reuse and Improved System Dependability via Virtual Machines J. LeVasseur V. Uhlig J. Stoess S. G¨otz University of Karlsruhe,

Virtualization and Cloud Computing. Definition Virtualization is the ability to run multiple operating systems on a single physical system and share the.

Clouds C. Vuerli Contributed by Zsolt Nemeth. As it started.

New Direction for Software Protection in Embedded Systems Department of EECS University of Michigan Feb 22, 2007 Kang G. Shin.

 Max Planck Institute for Software Systems Towards trusted cloud computing Nuno Santos, Krishna P. Gummadi, and Rodrigo Rodrigues MPI-SWS.

Virtual Machine Security Design of Secure Operating Systems Summer 2012 Presented By: Musaad Alzahrani.

NoHype: Virtualized Cloud Infrastructure without the Virtualization Eric Keller, Jakub Szefer, Jennifer Rexford, Ruby Lee ISCA 2010 Princeton University.

Disco Running Commodity Operating Systems on Scalable Multiprocessors.

Cloud Computing and Virtualization Sorav Bansal CloudCamp 2010 IIT Delhi.

ELEC6200, Fall 07, Oct 29 Westrom: Virtual Machines 1 Kenneth Westrom ELEC-6620.

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #29-1 Chapter 33: Virtual Machines Virtual Machine Structure Virtual Machine.

Virtual Machine approach to Security Gautam Prasad and Sudeep Pradhan 10/05/2010 CS 239 UCLA.

Slide 3-1 Copyright © 2004 Pearson Education, Inc. Operating Systems: A Modern Perspective, Chapter 3 Operating System Organization.

Chapter 21: Mobile Virtualization Infrastracture and Related Security Issues Guide to Computer Network Security.

Virtual Machine Monitors CSE451 Andrew Whitaker. Hardware Virtualization Running multiple operating systems on a single physical machine Examples:  VMWare,

An Overview of Virtual Machine Architectures by J.E. Smith and Ravi Nair presented by Sebastian Burckhardt University of Pennsylvania CIS 700 – Virtualization.

Virtual Machine Security Summer 2013 Presented by: Rostislav Pogrebinsky.

CIS 700 Machine Virtualization Autumn 2004.

Secure Operating System Architectures Patterns

5205 – IT Service Delivery and Support

Distributed Systems CS Virtualization- Overview Lecture 22, Dec 4, 2013 Mohammad Hammoud 1.

CSE598C Virtual Machines and Their Applications Operating System Support for Virtual Machines Coauthored by Samuel T. King, George W. Dunlap and Peter.

To run the program: To run the program: You need the OS: You need the OS:

Virtualization Technology Prof D M Dhamdhere CSE Department IIT Bombay Moving towards Virtualization… Department of Computer Science and Engineering, IIT.

Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.

Cloud Computing Why is it called the cloud?.

Microkernels, virtualization, exokernels Tutorial 1 – CSC469.

Virtual Machines: Versatile Platforms for Systems and Processes

Virtual Machine Course Rofideh Hadighi University of Science and Technology of Mazandaran, 31 Dec 2009.

CS533 Concepts of Operating Systems Jonathan Walpole.

Operating System Support for Virtual Machines Samuel T. King, George W. Dunlap,Peter M.Chen Presented By, Rajesh 1 References [1] Virtual Machines: Supporting.

Virtualization Concepts Presented by: Mariano Diaz.

Improving Network I/O Virtualization for Cloud Computing.

Virtual Machine Security Systems Presented by Long Song 08/01/2013 Xin Zhao, Kevin Borders, Atul Prakash.

Secure Operating Stuff Lesson “like” 7 (a): Virtualization.

High Performance Computing on Virtualized Environments Ganesh Thiagarajan Fall 2014 Instructor: Yuzhe(Richard) Tang Syracuse University.

Presented by: Reem Alshahrani. Outlines What is Virtualization Virtual environment components Advantages Security Challenges in virtualized environments.

 Securing and Administering Virtual Machines George Manley and Yang He.

 Virtual machine systems: simulators for multiple copies of a machine on itself.  Virtual machine (VM): the simulated machine.  Virtual machine monitor.

Bart Miller – October 22 nd,  TCB & Threat Model  Xen Platform  Xoar Architecture Overview  Xoar Components  Design Goals  Results  Security.

Improving Xen Security through Disaggregation Derek MurrayGrzegorz MilosSteven Hand.

SECURING SELF-VIRTUALIZING ETHERNET DEVICES IGOR SMOLYAR, MULI BEN-YEHUDA, AND DAN TSAFRIR PRESENTED BY LUREN WANG.

Security Vulnerabilities in A Virtual Environment

Full and Para Virtualization

Lecture 12 Virtualization Overview 1 Dec. 1, 2015 Prof. Kyu Ho Park “Understanding Full Virtualization, Paravirtualization, and Hardware Assist”, White.

Introduction Why are virtual machines interesting?

Protecting The Kernel Data through Virtualization Technology BY VENKATA SAI PUNDAMALLI id :

Operating-System Structures

Protection of Processes Security and privacy of data is challenging currently. Protecting information – Not limited to hardware. – Depends on innovation.

Cloud Computing Lecture 5-6 Muhammad Ahmad Jan.

Web Technologies Lecture 13 Introduction to cloud computing.

Cloud Computing – UNIT - II. VIRTUALIZATION Virtualization Hiding the reality The mantra of smart computing is to intelligently hide the reality Binary->

Virtual Machines Mr. Monil Adhikari. Agenda Introduction Classes of Virtual Machines System Virtual Machines Process Virtual Machines.

6/13/20161 Operating Systems Design (CS 423) Elsa L Gunter 2112 SC, UIUC Based on slides by Roy Campbell, Sam King,

1 Security Architecture and Designs  Security Architecture Description and benefits  Definition of Trusted Computing Base (TCB)  System level and Enterprise.

1 Virtualization "Virtualization software makes it possible to run multiple operating systems and multiple applications on the same server at the same.

Virtual Machine Monitors

Is Virtualization ready for End-to-End Application Performance?

Why VT-d Direct memory access (DMA) is a method that allows an input/output (I/O) device to send or receive data directly to or from the main memory, bypassing.

Problem Statement and Research Question

Virtual Machines: Versatile Platforms for Systems and Processes

By Dunlap, King, Cinar, Basrai, Chen

Virtualization Layer Virtual Hardware Virtual Networking

LAB 01 Installation of VIRTUAL MACHINE and LINUX

A Survey on Virtualization Technologies

An Overview of Virtual Machine Architectures

Operating Systems: A Modern Perspective, Chapter 3

Shielding applications from an untrusted cloud with Haven

Virtualization Dr. S. R. Ahmed.

Presentation transcript:

Virtualization: An Overview Brendan Lynch

Forms of virtualization In all cases virtualization is taking a physical component and simulating the interface through multiplexing, aggregation, and/or emulation. VMs can exist at the application level as well as the hardware level. – Process VMs, System VMs and simply virtualized resources.

System VMs Critical aspect of cloud computing and utility computing in general. – Pooling resources for higher utilization is a requirement of utility computing. – In a cloud this allows higher elasticity and system security

Virtual Machine Monitor - VMM A thin middleware that manages virtual machines. The VMM facilitates all operations between the host and guest system. – The guest system is an OS; the host system can be another OS or actual hardware or virtualized hardware.

VMM - continued Guest Operating systems run all OS operations through the virtual hardware. – These calls are ‘trapped’ by the VMM and run on the host system. This layer of abstraction can greatly increase security. – In the case of a host OS all the VMM does is scan these instructions and send them to the host OS for scheduling. – Hardware VMMs must provide all scheduling, I/O ect.

VMM - continued This extra layer between the host/guest incurs additional overhead. This cost is in addition to the hardware being simulated. Benefits include: exclusive access to declared resources, system isolation for security, easy scalability for deployment, and performance monitoring optimizations.

Security Risk The biggest concerns associated to off-site storage are the ones we can not control: – Physical security of components – What is the level of security of the overall system? Am I running on the hardware? Is the host OS secure?

Security Risk cont. VMM based threats: – Starvation: Is my VM being context swapped, what does this do too performance. Malicious VMs can attempt to bypass resource limits – VM side-channel attacks VM maliciously/non-maliciously flooded from other VM communications – As mentioned earlier vulnerabilities could exist at a lower level. The VM is helpless to these attacks.

Conclusions Virtual machines and VMMs are a requirement of utility computing. Trust must exist in the hardware/host OS owner that the system is kept secure. Virtual machines allow high levels of hardware utilization and provide portability. – HLL level portability and OS image level portability.