Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (networks, servers, storage, applications, services) that can be rapidly provisioned and released with minimal management effort.
Massive scale, homogeneity, virtualization, resilient computing, low-cost software, geographic distribution, service orientation, advanced security.
Use provider's applications on cloud (e.g. Salesforce, Knowledge Tree)
Deploy consumer-created apps with provider tools (e.g. Google Apps)
Provision processing, storage, networks (e.g. AWS, Azure)
| Model | Description |
|---|---|
| Private | Operated solely for an organization |
| Community | Shared by organizations with shared concerns |
| Public | Available to general public or large industry |
| Hybrid | Composition of two or more models |
Data security, data locality, unauthorized access, lost control, provider support
SOA/API issues, service lock-in, interoperability
VM boundaries, hypervisor security, VM images, vendor equipment trust
Security and data privacy are critical barriers to cloud adoption. Key issues: trust, multi-tenancy, encryption, compliance. Clouds are massively complex but built from simple primitives - security is tractable.
In transit: ~90% of providers encrypt. At rest: only ~10%. Encrypt resource control interface, admin access, applications. Not all data at rest needs encryption - depends on sensitivity.
Virtualization is the foundational technology of cloud computing. Cloud "relies on separating applications from the underlying infrastructure." VM is logically isolated from host hardware. Sharing: assign logical name to resource; give each request a pointer.
Installed on bare metal; no host OS. Direct control of hardware.
Runs on host OS; emulates devices. Guest OSs run on top.
Increases utilization, enables portability, improves security of physical host.
Kernel-level security tools can be compromised by rootkits (same privilege). With virtualization, put the security tool in a separate Security VM - isolated from untrusted VM. The hypervisor has higher privilege; security tool uses introspection to access guest VM contents.
Memory is the only reliable source of current system state. From memory we can extract: running processes, encryption keys, decrypted data, network sockets, OS accounting, user input, screen captures, and more.
Security VM takes snapshot of guest raw memory periodically. No timing sync. Uses VM introspection (e.g. libVMI): kernel symbol lookup → page tables → locate kernel data.
Event-driven. Guest triggers event → trampoline transfers control to security app. Hooks protected by hypervisor. Enforces policy, prevents attacks before they complete.
Open-source VM introspection library. Virtual memory translation, kernel symbol mapping, place hooks (memory r/w/x, register r/w, interrupts, single-step). Raw memory → meaningful structures (e.g. process list).
Invocation cost: switching to hypervisor is expensive. Introspection cost: accessing guest memory requires hypervisor calls for page mapping. Fine-grained monitoring amplifies overhead.
SIM combines out-of-VM security with in-VM performance. Uses hardware virtualization (e.g. Intel VT) so monitor runs in same VM as guest but in separate address space - no hypervisor intervention during invocation; reads/writes at native speed.
SIM is ~10× faster for monitor invocation.
Secure and flexible monitoring of VMs; virtual memory and disk introspection.
SIM: hardware virtualization for protected address space, gates, LBR; low overhead.