Presentation is loading. Please wait.

Presentation is loading. Please wait.

Presented by: Reem Alshahrani. Outlines What is Virtualization Virtual environment components Advantages Security Challenges in virtualized environments.

Published byBruno Franklin Modified over 8 years ago

Similar presentations

Presentation on theme: "Presented by: Reem Alshahrani. Outlines What is Virtualization Virtual environment components Advantages Security Challenges in virtualized environments."— Presentation transcript:

1 Presented by: Reem Alshahrani

2 Outlines What is Virtualization Virtual environment components Advantages Security Challenges in virtualized environments How to improve security Conclusion References

3 What is Virtualization a virtual Virtualization is the creation of a virtual version of something, such as an operating system, a server, a storage device or network resources. Run multiple operating systems and applications on a single server.

4 Virtual environment components Server: a physical platform to host the virtual machines Virtual Machine Monitor (VMM): Provides a layer of software between the virtual machines and the server (e.g. Vmware, Virtual box and Xen) Virtual machines: entirely encapsulates the state of the guest operating system running inside it. Encapsulated machine state can be copied, shared and modified like a normal file. Number of virtual machines on a server is limited by the servers capabilities

5

6 Advantages Better Resource Utilization, save energy and Isolate applications (security) Robust, affordable high availability and Improve disaster recovery Rapid adoption in many computing environments such as Virtualized networks and Network Function Virtualization

7 Security in Virtualized environments Flexibility brought up a lot of challenges. Numbers, locations, configurations of hosts are dynamic

8 Unpredictable growth of VMs Unpredictable growth of VMs can significantly multiply the effect of catastrophic events (worm attacks and scanning for vulnerabilities) Management in Virtualized environment usually done manually. VMs appear and disappear dynamically based on need. Therefore, when a virus hits a VM, it will highly likely infect other VMs. At this point, identifying the infected VMs is difficult because of their dynamic nature. That makes detecting, cleaning and patching the VMs a difficult task Therefore, viruses tend to stay longer in the VMs.

9 Security and usability The VMs are designed to increase the availability of the system. Viruses and vulnerability scanning, patching, and machine configurations contradict with this goal This results in users ignoring the regular maintenance of their VMs. Thus, increasing the number of vulnerable and infected machines.

10 Rolling Back Some of the useful features such as Rollback have harmful interactions with existing security mechanisms and protocols It can re-expose patched vulnerabilities. Re-enable previously disabled accounts or passwords Reintroduce worms, viruses and other malicious code that had been previously removed. Can restore already deleted sensitive data.

11 Diversity Many IT organizations tackle security problems by enforcing homogeneity: all machines must run the most current patched software. VMs can facilitate more efficient usage models which derive benefit from running unpatched or older versions of software. This create a range of problems as one must try and maintain patches or other protection for a wide range of OSes. Dealing with the risk of having many unpatched machines on the network. It makes patch management more difficult.

12 Mobility VMs provide mobility similar to a normal file. The TCB of a normal platform consists of the hardware and the software stack The TCB of VMs consists of all the hosts that a VM has to run on. This can make it very difficult to figure out how far a compromise has extended. Moving VMs of unknown configurations into another secured server is risky. More vulnerable to theft and data loss since the whole computing environment can be moved on a USB.

13 Solution Introducing a virtualized layer and moving many of the security and management functions of the VMs into this layer. That allows administrators to flexibly re-introduce the constraints that virtualization relaxes on mobility and data lifetime. Facilitate the automation of management tasks and performed while VMs are offline. To improve the usability, scalability and flexibility.

14 Conclusion Implementing a virtualized environment is increasing. Current research is focusing on virtualization implementation and applications. Further research is needed to address the security problems in this dynamic environment.

15 References Garfinkel, Tal, and Mendel Rosenblum. "When Virtual Is Harder than Real: Security Challenges in Virtual Machine Based Computing Environments." HotOS. 2005.

Download ppt "Presented by: Reem Alshahrani. Outlines What is Virtualization Virtual environment components Advantages Security Challenges in virtualized environments."

Similar presentations

Operating Systems Components of OS

Operating Systems Components of OS
Remus: High Availability via Asynchronous Virtual Machine Replication

Remus: High Availability via Asynchronous Virtual Machine Replication
Secure Virtual Machine Execution Under an Untrusted Management OS Chunxiao Li Anand Raghunathan Niraj K. Jha.

Secure Virtual Machine Execution Under an Untrusted Management OS Chunxiao Li Anand Raghunathan Niraj K. Jha.
Virtualization and Cloud Computing. Definition Virtualization is the ability to run multiple operating systems on a single physical system and share the.

Virtualization and Cloud Computing. Definition Virtualization is the ability to run multiple operating systems on a single physical system and share the.
Cybersecurity Training in a Virtual Environment By Chinedum Irrechukwu.

Cybersecurity Training in a Virtual Environment By Chinedum Irrechukwu.
Xen , Linux Vserver , Planet Lab

Xen , Linux Vserver , Planet Lab
VMware Virtualization Last Update 2014.02.06 2.0.0 1Copyright 2011-2014 Kenneth M. Chipps Ph.D. www.chipps.com.

VMware Virtualization Last Update Copyright Kenneth M. Chipps Ph.D.
Tunis, Tunisia, 28 April 2014 Business Values of Virtualization Mounir Ferjani, Senior Product Manager, Huawei Technologies 2.

Tunis, Tunisia, 28 April 2014 Business Values of Virtualization Mounir Ferjani, Senior Product Manager, Huawei Technologies 2.
Virtual Machine Security Design of Secure Operating Systems Summer 2012 Presented By: Musaad Alzahrani.

Virtual Machine Security Design of Secure Operating Systems Summer 2012 Presented By: Musaad Alzahrani.
-How To leverage Virtual Desktop for Manageability & Security -Desktop Computing “as a service” Andreas Tsangaris CTO, PERFORMANCE

-How To leverage Virtual Desktop for Manageability & Security -Desktop Computing “as a service” Andreas Tsangaris CTO, PERFORMANCE
Software Security Threats Threats have been an issue since computers began to be used widely by the general public.

Software Security Threats Threats have been an issue since computers began to be used widely by the general public.
CS-3013 & CS-502, Summer 2006 Virtual Machine Systems1 CS-502 Operating Systems Slides excerpted from Silbershatz, Ch. 2.

CS-3013 & CS-502, Summer 2006 Virtual Machine Systems1 CS-502 Operating Systems Slides excerpted from Silbershatz, Ch. 2.
U NIVERSITY OF M ASSACHUSETTS, A MHERST Department of Computer Science Virtualization in Data Centers Prashant Shenoy

U NIVERSITY OF M ASSACHUSETTS, A MHERST Department of Computer Science Virtualization in Data Centers Prashant Shenoy
Summary of Lecture 1 Security attack types: either by function or by the property being compromised Security mechanism – prevention, detection and reaction.

Summary of Lecture 1 Security attack types: either by function or by the property being compromised Security mechanism – prevention, detection and reaction.
Virtual Machine approach to Security Gautam Prasad and Sudeep Pradhan 10/05/2010 CS 239 UCLA.

Virtual Machine approach to Security Gautam Prasad and Sudeep Pradhan 10/05/2010 CS 239 UCLA.
Chapter 21: Mobile Virtualization Infrastracture and Related Security Issues Guide to Computer Network Security.

Chapter 21: Mobile Virtualization Infrastracture and Related Security Issues Guide to Computer Network Security.
Virtualization for Cloud Computing

Virtualization for Cloud Computing
Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.

Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.
Virtual Machine Security Summer 2013 Presented by: Rostislav Pogrebinsky.

Virtual Machine Security Summer 2013 Presented by: Rostislav Pogrebinsky.
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Similar presentations

Ads by Google