Presented by: Reem Alshahrani. Outlines What is Virtualization Virtual environment components Advantages Security Challenges in virtualized environments.

Presentation transcript:

Presented by: Reem Alshahrani

Outline
- What is Virtualization
- Virtual environment components
- Advantages
- Security Challenges in virtualized environments
- How to improve security
- Conclusion
- References

What is Virtualization
- Virtualization is the creation of a virtual version of something, such as an operating system, a server, a storage device or network resources.
- It makes it possible to run multiple operating systems and applications on a single server.

Virtual environment components
- Server: a physical platform that hosts the virtual machines.
- Virtual Machine Monitor (VMM): provides a layer of software between the virtual machines and the server (e.g. VMware, VirtualBox and Xen).
- Virtual machines: each one entirely encapsulates the state of the guest operating system running inside it.
- Encapsulated machine state can be copied, shared and modified like a normal file.
- The number of virtual machines on a server is limited by the server's capabilities.

Advantages
- Better resource utilization, energy savings and application isolation (security)
- Robust, affordable high availability and improved disaster recovery
- Rapid adoption in many computing environments, such as virtualized networks and Network Function Virtualization

Security in Virtualized environments
- Flexibility has brought a lot of challenges.
- The number, locations and configurations of hosts are dynamic.

Unpredictable growth of VMs
- Unpredictable growth of VMs can significantly multiply the effect of catastrophic events (worm attacks and scanning for vulnerabilities).
- Management in virtualized environments is usually done manually.
- VMs appear and disappear dynamically based on need. Therefore, when a virus hits a VM, it will highly likely infect other VMs.
- At this point, identifying the infected VMs is difficult because of their dynamic nature.
- That makes detecting, cleaning and patching the VMs a difficult task.
- Therefore, viruses tend to stay longer in the VMs.

Security and usability
- VMs are designed to increase the availability of the system.
- Virus and vulnerability scanning, patching, and machine configuration conflict with this goal.
- This results in users ignoring the regular maintenance of their VMs, thus increasing the number of vulnerable and infected machines.

Rolling Back
- Some useful features, such as rollback, have harmful interactions with existing security mechanisms and protocols.
- Rollback can re-expose patched vulnerabilities.
- It can re-enable previously disabled accounts or passwords.
- It can reintroduce worms, viruses and other malicious code that had been previously removed.
- It can restore already deleted sensitive data.
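The rollback hazards listed above can be turned into a pre-reconnect check. The following is an added example, not part of the original presentation: it assumes a per-VM change log with hypothetical event kinds (`patch_applied`, `account_disabled`, `malware_removed`, `data_deleted`) and reports which security changes a revert to a given snapshot would undo.

```python
from dataclasses import dataclass
from datetime import datetime

# Hypothetical event kinds, mapped to the rollback consequence named on the slide.
REGRESSIONS = {
    "patch_applied": "patched vulnerability re-exposed",
    "account_disabled": "disabled account re-enabled",
    "malware_removed": "removed malicious code reintroduced",
    "data_deleted": "deleted sensitive data restored",
}

@dataclass(frozen=True)
class Event:
    when: datetime
    kind: str
    detail: str

def rollback_regressions(events, snapshot_time):
    """Return (detail, consequence) for each security change made after the snapshot.

    Anything recorded strictly after snapshot_time is lost when the VM is reverted;
    changes made before the snapshot are part of the saved state and survive.
    """
    undone = [e for e in events if e.when > snapshot_time and e.kind in REGRESSIONS]
    return [(e.detail, REGRESSIONS[e.kind]) for e in sorted(undone, key=lambda e: e.when)]

def safe_to_reconnect(events, snapshot_time):
    """Gate: a reverted VM rejoins the network only if no security change was undone."""
    return not rollback_regressions(events, snapshot_time)

# Constructed change log for a single VM (sample data, not from the presentation).
LOG = [
    Event(datetime(2024, 2, 20), "patch_applied", "openssl update"),
    Event(datetime(2024, 3, 5), "patch_applied", "kernel update"),
    Event(datetime(2024, 3, 7), "account_disabled", "user contractor1"),
    Event(datetime(2024, 3, 9), "config_changed", "timezone"),
    Event(datetime(2024, 3, 10), "malware_removed", "worm cleanup"),
]

if __name__ == "__main__":
    for detail, consequence in rollback_regressions(LOG, datetime(2024, 3, 1)):
        print(f"{detail}: {consequence}")
```

The returned list doubles as the set of changes to reapply before the reverted VM is allowed back on the network.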

Diversity
- Many IT organizations tackle security problems by enforcing homogeneity: all machines must run the most current patched software.
- VMs can facilitate more efficient usage models which derive benefit from running unpatched or older versions of software.
- This creates a range of problems, as one must try to maintain patches or other protection for a wide range of OSes.
- One must also deal with the risk of having many unpatched machines on the network.
- It makes patch management more difficult.

Mobility
- VMs provide mobility similar to a normal file.
- The trusted computing base (TCB) of a normal platform consists of the hardware and the software stack.
- The TCB of a VM consists of all the hosts that the VM has run on.
- This can make it very difficult to figure out how far a compromise has extended.
- Moving VMs of unknown configuration onto another, secured server is risky.
- VMs are more vulnerable to theft and data loss, since the whole computing environment can be moved on a USB drive.
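To make the "how far has a compromise extended" problem concrete, here is an added example (not from the original presentation) that scopes an incident from VM placement history. It assumes a hypothetical placement log of `(vm, host, start, end)` records with numeric timestamps, and the conservative rule that a suspect host taints every VM still running on it, while a suspect VM taints every host it runs on afterwards.

```python
INF = float("inf")

def blast_radius(placements, compromised_host, t0):
    """Propagate suspicion through VM placement history.

    placements: (vm, host, start, end) tuples, half-open interval [start, end).
    Returns (host_since, vm_since): earliest time each host / VM became suspect.
    """
    host_since = {compromised_host: t0}
    vm_since = {}
    changed = True
    while changed:  # iterate to a fixed point; each pass can only lower a time
        changed = False
        for vm, host, start, end in placements:
            # A suspect host taints any VM still running on it after it became suspect.
            if end > host_since.get(host, INF):
                t = max(start, host_since[host])
                if t < vm_since.get(vm, INF):
                    vm_since[vm], changed = t, True
            # A suspect VM taints every host it runs on from then onward.
            if end > vm_since.get(vm, INF):
                t = max(start, vm_since[vm])
                if t < host_since.get(host, INF):
                    host_since[host], changed = t, True
    return host_since, vm_since

# Constructed placement history (sample data): hours since the start of the log.
PLACEMENTS = [
    ("web1", "hostA", 0, 10),    # on hostA when it is compromised at t=5
    ("web1", "hostB", 10, 20),   # migrated afterwards, carries suspicion to hostB
    ("db1", "hostB", 0, 30),     # shares hostB with web1 from t=10
    ("db1", "hostC", 30, 40),    # later moved to hostC
    ("build1", "hostC", 0, 25),  # left hostC before db1 arrived
    ("cache1", "hostA", 0, 3),   # left hostA before the compromise
]

if __name__ == "__main__":
    hosts, vms = blast_radius(PLACEMENTS, "hostA", 5)
    print("suspect hosts:", hosts)
    print("suspect VMs:", vms)
```

VMs and hosts absent from the result were never co-resident with anything suspect during the relevant window, which narrows the set that needs cleaning or re-imaging.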

Solution
- Introduce a virtualized layer and move many of the security and management functions of the VMs into this layer.
- That allows administrators to flexibly re-introduce the constraints that virtualization relaxes on mobility and data lifetime.
- It facilitates the automation of management tasks, which can be performed while VMs are offline.
- It improves usability, scalability and flexibility.

Conclusion
- The implementation of virtualized environments is increasing.
- Current research focuses on virtualization implementation and applications.
- Further research is needed to address the security problems in this dynamic environment.

References
- Garfinkel, Tal, and Mendel Rosenblum. "When Virtual Is Harder than Real: Security Challenges in Virtual Machine Based Computing Environments." HotOS