Comprehensive Security Assurance Measures for Virtualized Server Environments
Server or Hardware virtualization is an established technology in data centers used for supporting enterprise IT resources as well as cloud services. The components of this virtualized server environment are: (a) A hardware with features to support instruction set and memory virtualization (b) The core software - the hypervisor that provides abstraction of the hardware resources, such as CPU, memory, and devices (c) Multiple computing stacks called VMs, each with its own OS, applications and virtual resources (d) A software-defined virtual network linking the multiple VMs within a hypervisor and (e) an enterprise- wide virtual network enabled with technologies such as VLAN and overlay networks built on top of the physical network of the data center. Since a virtualized server comes in several architectural flavors (Type 1 Vs Type 2, Full Vs Para-virtualized), this manuscript identified five baseline functions for the hypervisor and core functions for other components of the virtualized server environment and analyzed the threats to secure execution of these functions as well as threats originating from these functions. The threats were then used as the basis for developing appropriate security assurance measures for countering each threat.
From Database to Cyber Security: Essays Dedicated to Sushil Jajodia on the Occasion of his 70th Birthday