Anda di halaman 1dari 3

2012 International Conference on Radar, Communication and Computing (ICRCC),

SKP Engineering College, Tiruvannamalai, TN., India. 21 - 22 December, 2012. pp.254-256.

Security Issues in Virtualization Environment

R. Anand1, S. Sarswathi2 and R. Regan3

Abstract Security Issues are the principle concerns

of virtualization technology when there is an data AND PHYSICAL MACHINE
transfer and application access from one virtual
machine to another, as it is a decisive threat for Virtualization technology is mainly intended for less
efficiency. Todays IT intension is to have an outlook hardware usage. Still there are some of the issues that
for the virtualization technology that allows the have been identified while physical machine host number
business world to run with fewer resources. Still there of virtual machines[3]. Though hardware requirements
exist certain virtualization issues when normal have been minimized in case of running number of
applications and virtual applications are made physical machines in a single physical host, there exist
available to run in an virtual environment. Security security issues[4] between physical machine and the
issues among virtual machines, virtual applications, virtual machines. For example if number of servers is
and physical machines are noticeable. Following above running on one physical machine and if RAID controller
issues has been dealt with, to enhance the efficiency of wipes out all hard disk then there is a loss of data and the
virtual environment. information. This is because of an issue with security
Keywords Security in virtualization, Privacy, Virtual among virtual machines running on a single physical
Machine host[5]. Growth of number of virtual machines in a
physical machine is made easy. But assigning
administrator for each virtual machine to manage it is a
I. INTRODUCTION difficult task such that providing an security and
reliability for VMs.
A Virtual Machine (VM) is the virtualized
representation of a physical machine that is run and Since every feature of application software behaves
maintained on a host by a software virtual machine differently in a virtualized environment resource
monitor or requirement are different from softwares running in a
physical machine[7][8]. Managing virtual machines are
Hypervisor VMs have significant security the primary task in providing security.
implications. A primary concern is to ensure whether the
proper virtual environment is operating within a VM and
the VM is configured properly. Another concern is of III. ISSUES BETWEEN VIRTUAL MACHINES
virtual machines specific vulnerabilities that can be AND VIRTUAL APPLICATIONS
exploited to mount attacks specialized to subvert the built
in defences of the guest operating systems[1]. With By allowing the virtual machines for a computer to
virtualization, a single physical machine can be divided or run several applications at the same time, the computer
partitioned into multiple VMs. This provides each VM could be running several different virtual applications of
with better security isolation and each partition is the same software simultaneously. While virtual machines
protected from the possibility of Denial of Service (DoS) enables servers to perform task and run more virtual
attacks [2]from other partitions and also the security applications it can also consume much more time be more
attacks in one VM are completely isolated and contained laborious for the team that runs it. Although applications
from affecting the other VM. are remote, managers still have to follow and monitor
files, applications, data and storage. The virtual machine
can increase the workload because there are many more
points to manage and analyze Security and access are
some things that should also be monitored to monitor loss
or theft of data in a virtual or remote environment. The
transfer information of and the need for computers or
Research Scholar, Computer Science and Engineering, physical servers to interact remotely should also be
Manonmaniam Sundaranar University, Tirunelveli, monitored continuously.
Tamilnadu, India. Email: As depicted in the figure1 Virtual environment is
Information Technology, Pondicheery Engineering College, created in a physical system where there are number of
Pondicherry, India. Email: virtual machines in a single physical host. Each virtual
Computer Science and Engineering, University College of
machine has number of virtual applications running which
Engineering, Panruti, India. Email:

978-1-4673-2758-9/12/$31.00 2012 IEEE 254

Security Issues in Virtualization Environment







Fig. 1. Role of Administrator in Virtual Environment

is managed by the administrator. As discussed earlier the this situation the virtualization layer is vulnerable which
task of creating a virtual machine is made easier. With the can be easily affected by threat thereby decreasing the
increasing growth of VMs in a single physical machine security of whole virtual environment.
security issues among them increases proportionately with For efficiency in communication between VMs most
respect to resources and administrator. Each virtual virtualization platforms include the ability to create
machine should be assigned an administrator who is software based virtual networks and switches inside the
responsible for the managing and controlling its task. physical host to enable VMs to communicate directly.
Every virtual machine contains separate admin control This traffic will not be visible to network-based security
.Admin has list of approved written policies, procedures,
protection devices. Existing security mechanisms may
standards of the virtual machines and applications such
not coincide with virtual environment, hence virtual
that it provides access control mechanism, identification
environment is in secure.
and authentication to access the virtual machine and
virtual applications. Admin also restricts the non
reputation of application access thereby protecting the IV. SECURING ALL ELEMENTS OF VIRTUAL
VM consists of a virtual application in order to
maximize the performance of the application, and makes The security of a virtualization solution is heavily
the appliance smaller and possibly more secure. In this dependent on the individual security of each component,
context, virtual machines have virtual application which from the hypervisor and host OS to guest OSs,
provides data security, virtualization, and virtual privacy applications and storage. Sound security practices must be
among these virtual applications. The client machines and established such as keeping software up-to-date with
other PDAs depend on the VM in order to access the security patches, using secure configuration baselines,
virtual application in a virtual infrastructure. antivirus softwares or other appropriate mechanism to
Administrator of VM restricts the client to access the detect or stop attacks.
application in a variety of ways.
Virtual privacy is provided among the client machines V. RESTRICTING AND PROTECTING ADMINISTRATOR
so that any client is secure from any other client ACCESS TO THE VIRTUALIZATION SOLUTION
machines. By means of virtual security one virtual
machine is isolated from other virtual machines that run The security of the entire virtual infrastructure relies
in the general operating systems of a physical machine. on the security of virtualization management system that
The virtual security is also provided among the virtual controls the hypervisor and allows the operator to create
applications. The ultimate goal of virtualization new guest OS and perform other administrative actions.
administrator is to secure the entire virtual environment. Some virtualization products offer multiple ways to
The compromise of virtualization layer (virtual manage hypervisors; each management interface should
machine monitor or hypervisor) that exist between the be secured, whether locally or remotely accessible. For
physical machine and virtual machine leads to remote administration, the confidentiality of
compromise of all hosted workloads and its security. In communications should be protected.

2012 International Conference on Radar, Communication and Computing (ICRCC)

VI. ENSURING THE HYPERVISOR IS PROPERLY SECURED physical environment right from resource allocation to OS
access. Number of OS accessed by different clients
Securing a hypervisor involve actions that are standard slowing down the server can be avoided by making
for any type of software, such as installing updates as they parallel OS request. Such that solutions for all issues that
become available. Other recommended actions include has been discussed in this paper should be taken into an
disabling unused virtual hardware, file sharing and consideration while virtual access. Virtual privacy and
considering using the hypervisors capabilities to monitor virtual security should be provided in virtual environment
the security of each guest OS running within it, as well as to in-order to overcome all the above defined issues.
the security activities occurring between guest operating Virtual privacy between the virtual machines in an virtual
system. The hypervisor also needs to be carefully environment isolates one machine from other, thereby
monitored for signs of compromise. each VMs in VE are secured.

Virtual OS
[1] Qian Wang , Cong Wang ; Kui Ren ; Wenjing Lou ; Jin
Li Enabling Public Auditability and Data Dynamics for
Storage Security in Cloud Computing Parallel and
Client Virtual OS Distributed Systems, IEEE Transactions on May 2011,
Volume: 22 , Issue: 5 , Page(s): 847 859
[2] Jensen, M.; Schwenk, J.; Gruschka, N.; Iacono, L.L. On
Technical Security Issues in Cloud Computing Cloud
Computing, 2009. CLOUD '09. IEEE International
Virtual OS
Conference , Page(s): 109 116
[3] Jianfeng Yang; Zhibin Chen Cloud Computing Research
and Security Issues Computational Intelligence and
Software Engineering (CiSE), 2010 International
Fig. 2. Client accessing number of virtual OS Simultaneously
Conference, Publication Year: 2010 , Page(s): 1 3
Virtual applications being accessed in the virtual [4] Cong Wang; Qian Wang; Kui Ren; Ning Cao; Wenjing
environment on-demand by the client should have Lou Toward Secure and Dependable Storage Services in
Cloud Computing Services Computing, IEEE
privacy, such that the clients accessing virtual application
Transactions on 2012, Page(s): 220 232
is private from other client in the virtual environment. If
not, there occurs a migration of information from one [5] Wang, C.; Chow, S.; Wang, Q.; Ren, K.; Lou, W.
Privacy-Preserving Public Auditing for Secure Cloud
client to another client in the same virtual environment
Storage Computers, IEEE Transactions on 2011,Volume:
which leads to data in security. The data is insecure in PP , Issue: 99 , Page(s): 1
such case if there is no privacy among virtual applications
[6] Imad M. Abbadi Toward Trustworthy Clouds Internet
and the client. This is not an issue in case of physical Scale Critical Infrastructure Lecture Notes in Computer
environment, where every application and the clients Science, Springer 2011, Volume 6672/2011, 71-82
isolated from each other.
[7] Pardeep Sharma, Sandeep K. Sood and Sumeet Kaur
When virtual applications access information from the Security Issues in Cloud Computing Communications in
database server, the data from the server becomes Computer and Information Science, 2011, Springer
inconsistent, by several operations performed by the Volume 169, Part 1, 36-45
client. [8] Mohammed A. AlZain, Ben Soh and Eric Pardede A new
When the operating system is provided as a service, model to ensure security in cloud computing services
Journal of Service Science Research, Springer 2012,
there arise several issues rather than when the applications
Volume 4, Number 1, Pages 49-70
are accessed On-Demand. For example, when there are
multiple OS requests by the clients simultaneously, the [9] Wenjuan Li and Lingdi Ping Trust Model to Enhance
Security and Interoperability of Cloud Environment
server slows down.
Lecture Notes in Computer Science, Springer 2009,
Volume 5931, Cloud Computing, Pages 69-79
VII. CONCLUSION [10] Jin-Song Xu, Ru-Cheng Huang, Wan-Ming Huang and
Geng Yang Secure Document Service for Cloud
An issue faced by the virtual machines in virtual Computing Lecture Notes in Computer Science,
environment has been dealt with. It is clear that there arise Springer2009, Volume 5931, Cloud Computing, Pages
several issues in virtual environment rather than in 541-546