Virtualization Essay

Virtualization technologies provide isolation of operating systems from hardware. This separation enables hardware resource sharing. With virtualization, a system pretends to be two or more of the same system [23]. Most modern operating systems contain a simplified system of virtualization. Each running process is able to act as if it is the only thing running. The CPUs and memory are virtualized. If a process tries to consume all of the CPU, a modern operating system will pre-empt it and allow others their fair share. Similarly, a running process typically has its own virtual address space that the operating system maps to physical memory to give the process the illusion that it is the only user of RAM.

Figure 2 1 Virtualization
2.1 Virtual Machine
The first machine to fully support virtualization was IBM’s VM. A virtual machine (VM) encapsulates an operating system and application in one unit. Virtualization provides the ability to run an entire VM, including its own operating system (the guest operating system), on top of another operating system (the host operating system).
2.2 Hypervisor
A hypervisor is also known as a virtual machine monitor (VMM). The VMM is a thin software layer that runs directly on a physical machine’s hardware. On top of the virtual machine monitor, there can be one or more virtual machines. The VMM provides each virtual machine with a set of virtual interfaces that resemble direct interfaces to the underlying hardware. Applications on a virtual machine can run without modification, as if they were running on a dedicated physical machine. The VMM allows multiple virtual machines to run at the same time and transparently multiplexes resources between them [Gol74]. The VMM also isolates the virtual machines from on...

... middle of paper ...

... the migration transit path and associated network stream, an attacker can extract information from the memory of the migrating VM such as passwords, keys, application data, and other protected resources [17].

Table 2 1 VM Migration Attacks & Its Countermeasures
| Attack | Attack Vector | Countermeasure |
|---|---|---|
| Man-In-Middle | Unsecured Network route | Proper SSL Configuration or Strong Encryption Algorithm |
| VM Diversity | Dom0 of Hypervisor | TCCP (Trusted Cloud Computing Platform) |
| False Resource Advertisement | Access Policy | Properly Configured Firewall Rules |
| Information Leakage | Unsecured transmission route | VLAN, Proper SSL Configuration or Strong Encryption Algorithm |
| DOS | Vulnerable Hypervisor, Access Policy | Intrusion Detection System (IDS), Properly defined access Policies rules |
| Data Remanence | Improper Storage policies | Strong Encryption Scheme, Zeroing/Reset or deletion of Left-Image |
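
The Data Remanence row above names zeroing or deleting the left-behind image as a countermeasure. The following is an added example, not part of the original essay, that zeroes an image file in place, verifies the result, and only then deletes it; the function names and the sample image are assumptions constructed for illustration.

```python
import os
import tempfile

CHUNK = 1 << 20  # work in 1 MiB pieces so large images do not fill RAM

def zero_image(path):
    """Overwrite every byte of the file at `path` with zeros, in place."""
    size = os.path.getsize(path)
    zeros = bytes(CHUNK)
    with open(path, "r+b") as f:
        remaining = size
        while remaining:
            n = min(CHUNK, remaining)
            f.write(zeros[:n])
            remaining -= n
        f.flush()
        os.fsync(f.fileno())  # push the zeros to the device, not just the page cache
    return size

def residual_bytes(path):
    """Count non-zero bytes still readable from the file (0 means fully zeroed)."""
    count = 0
    with open(path, "rb") as f:
        while chunk := f.read(CHUNK):
            count += len(chunk) - chunk.count(0)
    return count

def retire_image(path):
    """Zero, verify, then delete a left-behind image; keep the file if verification fails."""
    zero_image(path)
    left = residual_bytes(path)
    if left:
        raise RuntimeError(f"{left} non-zero bytes remain in {path}")
    os.remove(path)

def make_sample_image():
    """Constructed sample: a small fake memory image holding a made-up secret."""
    fd, path = tempfile.mkstemp(suffix=".img")
    with os.fdopen(fd, "wb") as f:
        f.write(b"\x00" * 4096 + b"password=constructed-example" + os.urandom(8192))
    return path

if __name__ == "__main__":
    img = make_sample_image()
    print("non-zero bytes before:", residual_bytes(img))
    retire_image(img)
    print("image still present:", os.path.exists(img))
```

An in-place overwrite only reaches the blocks the filesystem currently maps to the file; on copy-on-write or snapshotting storage and on SSDs, older copies can survive, which is why the table lists a strong encryption scheme alongside zeroing.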