1.2 Virtual Machine and Its Security Challenges
A virtual machine image is a single file which contains a virtual disk that has a bootable operating system installed on it. Virtual machines are becoming more common with the evolution of virtualization technology. Virtual machines are often created to perform certain tasks that are different than tasks performed in a host environment.
Virtual machines are implemented by software emulation methods or hardware virtualization techniques. Depending on their use and level of correspondence to any physical computer, virtual machines can be divided into two categories:
1.2.1 System Virtual Machines
A system platform that supports the sharing of the host computer 's physical resources between multiple
…show more content…
1.4 Challenges in virtualization
Virtualization technologies offer new economic and technical possibilities. However, the addition of a new layer of software introduces new security concerns. Garfinkel and Rosenblum give in [14] a list of challenges raised by virtualization that are discussed hereafter.
1.4.1 Scaling
Virtualization enables quick and easy creation of new virtual machines. Therefore, security policies of a network (setup, updates...) have to be flexible enough to handle a fast increase in the number of machines.
1.4.2 Transience
With virtualization, machines are often added to or removed from a network. This can hinder the attempts to stabilize it. For example, if a network gets infected by a worm, it will be harder to find precisely which machines were infected and clean them up when these machines exist only during brief periods of time on the network. Similarly, infected machines or still vulnerable ones can reappear after the infection was thought to be wiped
…show more content…
2.1 Mirage
Mirage [7] is an image management system for the cloud environment. The Mirage provides security to the VM images in four ways.
2.1.1 Access Control
Any user who wants to modify or publish VM Images needs proper permission.
2.1.2 Filters
Remove Filter and Hide Filter, Remove filter excludes any sensitive file from the Image and Hide Filter hide the private information or replaces it in safer version.
2.1.3 Auditing
In auditing all operations performed on images are reviewed from a tracking file. If there is any suspicious operation or user is introduced, it will take action against him
2.1.4 Maintenance Services
In [15] a novel tool named Nüwa developed to enable efficient patching of offline VM images. Nüwa uses safety analysis and script rewriting techniques to convert patches, or more specifically the installation scripts contained in patches, which were originally developed for online updating, into a form that can be applied to VM images offline. Figure 2. Structure of Mirage
Kaylee Le MIS 201 U2 Assignment 10/18/2015 CERT/CERT-CC The development and dependence on the internet, and also complexity of interloper skills, additional resources is on demand. To fulfill this demand, the CERT/CC became one part of the larger CERT Division. The CERT is stand for the coordination center of the computer emergency response team (CERT) for the Software Engineering Institute (SEI). The CERT Division is funded mostly by the U.S. Department of Defense and the Department of Homeland Security.
S-CSP: Storage provider is nothing but kind of an entity which makes available storage services of data inside a public cloud. S-CSP offers outsourcing data services and then it stores that data in support of a users of the data. To trim down the cost of storage, the Service Providers eradicates the storing of an unneeded data by using Deduplication technique or methods whereas it also maintains only distinctive form of data rather keeping all the files having similar content. Users:
1.0 Overview: These policy’s describes the backup strategy for workstations or devices likely to have their records backed up. These devices are naturally servers, however, are not essentially limited to servers. Servers projected to be backed up comprise of the file the mail and the web server. 1.0 Purpose: A policy designed to defend data in the organization to be sure it’s not lost and can be recuperated in the result of an equipment failure, deliberate destruction of data or disaster.
Not only will these innovations improve network strength, but possibly the speeds at which a client can access information from an application server. This has the potential to make cloud computing even more prevalent than it already is today because it would become easier to keep up with mass traffic to the servers. Large server banks would be able to be downsized slightly compared to their current sizes. The computer science techniques used in created Marple show that it is possible to even make an old process useful in modern applications. The hardware of Marple is also programmable making it extremely useful for any network engineers because they will be able to write custom software for Marple-based
In this section of the presentation I will be talking about anti-virus, the first one I will be talking about is firewall this is a software or a hardware based system that is made to block access from a network. This is used in most network as a line of defence to try and stop bad packets entering the network and cause harm to the network. How it does is this by filter all the suspicious packets that can harm the network . There are three different types of firewalls proxy firewall, packet filtering firewall, stateful Firewall, I will start of with the stateful inspection packet filtering firewall, this is basically the eye of the network as it tracks on everything out and in the network, so if somehow the hacker enter the network and damage it because
In order to do hardening system on any type of software computer you would have to look at the type of location that your network is going to be installed in after you fine or survey the following location then you would definitely get a location to where you would like to place your hardware to install your firewall systems once you get the physical aspect of your file systems installed you would then have to look at how setting up the software passwords on most computers or on your security system on the network then you would not stop there because you would have to keep access controls established on the location to make sure that physical security of the location does not hinder anyone from trying to get into the location that has authorized
Rootkit: It inject malware to the computer in order to get root access to computer or other device. Sandboxing: It is a computer security term referring to when a program is set aside from other programs in a separate environment so that if errors or security issues occur, those issues will not inject to other areas on the computer.
Describe the operation of virtual memory management. Basically it is a method that the OS uses to minimize the amount of process code and data stored in memory by dividing pages and memory into frames. This also frees up the memory for other processes to use. Virtual memory management divides a program into partitions called pages.
Now, it is possible for virtual machines (VMs) to be created, deleted and migrated in a matter of seconds or minutes. That means keeping an up-to-date inventory of VMs is near impossible, with the distinct possibility they may not be backed up at all.
Each configuration has its advantages and disadvantages; complexity or flexibility, cost (hardware and software), performance, scalability and user load. We have software that is designated with a site license, meaning that we can run unlimited instances at our physical address. We have other software packages that are licensed to an individual user’s device. Multiple variables must be considered in deciding how software is loaded and presented to the user base. Each software package has it individual licensing and system requirements.
The Trojans attacks the network by modifying blocking and even delete data. The last attack that I will describing is Worms, worms and viruses are similar in the way how fast they spread through the network, worms also fill up the storage space with junk the result of this slows down the
Following is a report completed for the executives of Frist World Bank Savings and Loan, with the objective to provide information on appropriate kernel options including the pros and cons of each. The importance of a software management plan, the use of installing anti-virus software on our Linus servers, monitoring and logging techniques used in a typical Linux infrastructure are all included within. Additionally, a description and explanation of the importance of a suitable backup plan is described. First let’s discuss each option and understand each. The kernel is highly configurable, it represents an opportunity to better secure our systems.
Images can be deceiving and have a direct purpose intended by the creator. Knowing the purpose and goal behind the image will help us to see how it is being used to persuade the viewer. Virtual analysis gives us the ability to see what is beyond the image displayed. We can try to interpret and breakdown the content. An example of how analysis is useful is a detective in a murder investigation between a husband and wife. .
In spite of the indifference, Virtual Reality has awoken the world in giant ways. Society should not stay doubtful of the countless possibilities it has to bring in an optimistic and technological way. Recently, in order to describe something that holds spirit and effect without having form, but having an effect on the actual, the word ‘virtual’ was used. Virtual reality is developing all the time and has found hitches not formerly considered. Applications of Virtual reality are starting to find their way into normal society.
1. What is the problem? What were the underlying causes of this problem? The problem was happened because of the new knowledge management application, which was designed to copy information across network automatically, which also led to the main switch and consequently to the system collapse.