Upload
alexa-stanton
View
29
Download
0
Tags:
Embed Size (px)
DESCRIPTION
V irtual machines image protection in Cloud computing. Muhammad Kazim (2011-NUST-MSCCS-23) Thesis Supervisor: Dr. Muhammad Awais Shibli G.E.C Members: Dr. Abdul Ghafoor Abbasi Dr. Hamid Mukhtar Ms. Rahat Masood. Agenda. Introduction Motivation Research Methodology - PowerPoint PPT Presentation
Citation preview
Virtual machines image protection in Cloud computing
Muhammad Kazim (2011-NUST-MSCCS-23)
Thesis Supervisor:
Dr. Muhammad Awais Shibli
G.E.C Members:
Dr. Abdul Ghafoor Abbasi
Dr. Hamid Mukhtar
Ms. Rahat Masood
Agenda• Introduction• Motivation• Research Methodology• Problem Statement• Research Contributions• Implementation• Results• Conclusion
Introduction
The core of Cloud services, Infrastructure-as-a-Service (IaaS) model provides the capability to provision;
• Processing• Storage• Networks
IaaS
PaaS
SaaS
Virtualization• In Cloud computing, Virtualization is the basis of providing
IaaS.
• A single system can concurrently run multiple isolated virtual machines (VMs), operating systems or multiple instances of a single operating system (OS).
• Virtualization maximizes the jobs a single CPU can do.
• Organizations are using virtualization to gain efficiency in platform and application hosting
Virtualization in Cloud
Figure 1: Virtualization in Cloud
Virtual Disk Image • A single file or directory representing the hard drive of a
guest operating system.
• Encapsulates all components of a guest OS, including the applications and virtual resources used by guest OS.
• Provides the ability to quickly launch and deploy virtual machines across various hosts.
Motivation• According to a survey, virtualization security is most
important security issue in Cloud.
• NIST, CSA and PCI DSS in their security guidelines for virtualization have emphasized the importance of virtualization and disk images security.
• Disk images in storage can be compromised through attacks such as data leakage, malware installation on images and snapshot access in storage.
Problem StatementVirtual machine images are vulnerable to different attacks in Cloud storage. In order to secure virtual machines images from infrastructure, hypervisor and storage attacks, we have proposed a security mechanism that encrypts virtual machines images during storage.
Research Methodology
Problem Statement
Analysis of virtualization
security
Framework Implementation
Testing Design Framework
Literature Survey
Research Publication
Research Publication
Contributions• Theoretical (Two Research Publications)
• Practical (Development of OpenStack Disk Image Encryption framework)
Conference Paper 1Muhammad Kazim, Rahat Masood, Muhammad Awais Shibli, Abdul Ghafoor Abbasi, “Security Aspects of Virtualization in Cloud Computing”, 12th International Conference on Computer Information Systems and Industrial Management Applications, Krakow-Poland 2013, September 25-27.
http://home.agh.edu.pl/~saeed/cisim2013/
Conference Paper 2
Muhammad Kazim, Rahat Masood, Muhammad Awais Shibli, “Securing the virtual machine images in Cloud computing”, 6th International Conference on Security of Information and Networks (SIN 2013), ACM, November 26-28, 2013, Aksaray/Turkey.
http://sinconf.org/sin2013/index.php
Virtual Machines
Requirements Attacks Solutions
Isolation between virtual machines should be properly implemented
Malicious programs use covert channels to communicate with other VMs in unauthorized way
Vigilant can monitor faults in guest OS of VM
Update the OS regularly and use anti-virus software, secure internet and restrict remote access
Malicious programs can monitor traffic, steal critical data, and tampering the functionality of VMs
Security features such as firewall, HIPS, log monitoring must be provided in guest OS
Securely boot the guest VMs
Attacker can tamper boot process of guest VMs
Security protocol by J. Kong can be to ensure secure boot of guest VMs
There must be limit on VMs resource usage
Using a malicious VM to consume extra resources of the system, resulting in DOS attack
Administrator must deploy a software or application that limits VMs to use authorized resources
Disk ImagesRequirements Attacks Solutions
Saved image state must not be tampered by hypervisor
Attacker can compromise the integrity and confidentiality of the saved state of image
Use encryption and hashing of images before saving them
Snapshot access must be prevented from authorized access
VM checkpoint attacks Checkpoint attacks can be prevented by encrypting the checkpoints using SPARC
Apply updates and patches to maintain images secure
Old images are vulnerable to zero day attacks
Nuwa is a tool designed to apply efficient patching to VM images in Cloud
Backup of the virtual machines images must bemaintained
Unauthorized access to the backup data can result in leakage of sensitiveinformation
Backup of VM images must be encrypted. If any VM is removed then its backup must also be removed
Implementation Perspective• Implement a framework that that ensures confidentiality of
images through encryption
• Images are decrypted when required by the VM
• Use of hashing techniques to ensure integrity
OpenStack
• Used in 178 different countries and more than 850 organizations including NASA, Rackspace,
• Collection of open source components• Modular design• IaaS Cloud Services allows users to manage: VMs, Virtual
networks, storage resources
OpenStack Components• Swift• Glance• Nova• Horizon• Keystone• Quantum• Cinder
18
Virtual Machines in OpenStack
OpenStack Swift Architecture• Swift is a highly available, distributed, eventually
consistent object/blob store.
• Is maintained and developed by one of the largest open-source teams in the world, and is in the top 2% of all project teams on Ohloh.
• Has 53,605 lines of code and is written in Python.
Components• Proxy Servers: Handles all incoming API requests.• Rings: Maps logical names of data to locations on
particular disks.• Accounts & Containers: Each Account and Container
are individual databases that are distributed across the cluster. An Account database contains the list of Containers in that Account. A Container database contains the list of Objects in that Container
• Objects: The data itself.• Partitions: A Partition stores Objects, Account databases
and Container databases.
Image Encryption Module In Swift
1. PUT Request 2. Upload Image as Object 2. EDIC intercepts
(Request to store image)
3. Intercept image 5. Store encrypted image store request
3. Key Request
4.Key exchange
5. Encrypt Image by AES-256
Glance Swift Proxy
Image Encryption
Module (IEM)
Key Management Server
Swift Object
Image Decryption Module In Swift
1. GET Request 2. Download Image as Object 2. EDIC intercepts
(Request to access image)
3. Intercept image 6. Download encrypted image access request
3. Key Request
4.Key exchange
5. Decrypt Image by AES-256
Glance Swift Proxy
Image Decryption
Module (IDM)
Key Management Server
Swift Object
23
IEM & IDM
IEM & IDM
Deployment of OpenStack for development
• Devstack • A documented shell script to build complete OpenStack development
environments.
• Deployment of Devstack• Setup a fresh supported Linux installation• Clone devstack from devstack• Deploy your OpenStack Cloud
http://devstack.org/
Debugging of source code• Debugging of Swift through command line
Pdb (Python debugger)
Integration of Image Encryption and Decryption with Swift
• Integrating Image encryption and decryption with OpenStack Swift image storage.• OpenStack Swift API is implemented as a set of ReSTful web
services • The proxy server initiates an internal Swift PUT request to the
object servers • Object servers processes images chunk by chunk so each chunk
gets encrypted• Foe decryption object server decrypts each chunk before it sends
the image to the proxy server
Demo • Running Devstack script• Add an image• Show it in Storage• Run a VM on it (it gets decrypted)
Results• Add a custom bootable image• Launch a VM• After VM termination, image is located into Swift encrypted
storage• After VM termination, image is stored in encrypted state in
Swift.• AES is block sized encryption, that adds extra padding to
images• Encryption of images maintains their confidentiality in Cloud
storage• Hash of image is taken before encryption. During decryption
hash of image is calculated again, and compared with the original hash to ensure integrity of image.
Future Directions• Encryption of accounts to protect users and images lists in
Swift.
• Integration of Key Management protocol with Swift image encryption.
• Encryption of persistent storage used by virtual machines during execution.
Conclusion• Image encryption module encrypts all virtual disk images
before storage in OpenStack. They are decrypted when required by the virtual machine.
• Integrity and confidentiality of virtual machine images in storage is ensured. They are secure from all possible storage attacks such as data theft, malware installation and hypervisor issues.
References[1] Shubhashis Sengupta, Vikrant Kaulgud, Vibhu Saujanya Sharma, “Cloud Computing Security -
Trends and Research Directions”, IEEE World Congress on Services, Washington, DC, USA, 2011.
[2] Jakub Szefer, Ruby B. Lee, “A Case for Hardware Protection of Guest VMs from Compromised Hypervisors in Cloud Computing”, 31st International Conference on Distributed Computing Systems Workshops, Washington, DC, USA, 2011.
[3] Jinzhu Kong, “Protecting the confidentiality of virtual machines against untrusted host”, International Symposium on Intelligence Information Processing and Trusted Computing, Washington, DC, USA, 2010.
[4] Farzad Sabahi, “Secure Virtualization for Cloud Environment Using Hypervisor-based Technology”, International Journal of Machine Learning and Computing vol. 2, no. 1, February 2012, pp.39-45.
[5] Jenni Susan Reuben, “A Survey on Virtual Machine Security”, TKK T-110.5290 Seminar on Network Security, 2007.
[6] Seongwook Jin, Jeongseob Ahn, Sanghoon Cha, and Jaehyuk Huh, “Architectural Support for
Secure Virtualization under a Vulnerable Hypervisor”, Proceedings of the 44th Annual IEEE/ACM International Symposium on Microarchitecture, USA, 2011.
[7] Ryan Shea, Jiangchuan Liu, “Understanding the Impact of Denial of Service on Virtual Machines”, IEEE 20th International Workshop on Quality of Service (IWQoS), Burnaby, BC, Canada, 2012.
[8] Wu Zhou, Peng Ning, Xiaolan Zhang, “Always up-to-date: scalable offline patching of VM images in a compute cloud”, Proceedings of the 26th Annual Computer Security Applications Conference, New York, USA, 2010, pp. 377-386.
[9] Trent Jaegar, Reiner Sailer, Yogesh Sreenivasan, “Managing the Risk of Covert Information Flows in Virtual Machine Systems”, Proceedings of the 12th ACM symposium on Access control models and technologies, New York, USA, pp. 81-90, 2007.
[10] Mikhail I. Gofman, Ruiqi Luo, Ping Yang, Kartik Gopalan, “SPARC: A security and privacy aware Virtual Machine checkpointing mechanism”, Proceedings of the 10th annual ACM workshop on Privacy in the electronic society, New York, USA, 2011, pp. 115-124.
[11] Zhi Wang, Xuxian Jiang, “HyperSafe: A Lightweight Approach to Provide Lifetime Hypervisor
Control-Flow Integrity” IEEE Symposium on Security and Privacy, Oakland, CA, USA, 2010, pp. 380-385.
[12] Mohamad Rezaei et al., “TCvisor: a Hypervisor Level Secure Storage”, TCvisor: a Hypervisor Level Secure Storage”, Internet Technology and Secured Transactions (ICITST), London, 2010, pp. 1-9.
[13] Dan Pelleg, Muli Ben-Yehuda, Rick Harper, “Vigilant—Out-of-band Detection of Failures in Virtual Machines”, ACM SIGOPS Operating Systems Review, New York, NY, USA, Volume 42 Issue 1, 2008, pp. 26-31.
[14] Sandra Rueda, Rogesh Sreenivasan, Trent Jaeger, “Flexible Security Configuration for Virtual Machines”, Proceedings of the 2nd ACM workshop on Computer Security Architectures, New York, NY, USA, 2008, pp. 35-44.
[15] Koichi Onone, Yoshihiro Oyama, Akinori Yonezawa, “Control of System Calls from Outside of Virtual Machines”, Proceedings of the 2008 ACM symposium on Applied Computing, New York, NY, USA, 2008, pp. 2116-2221.