Delusional boot: securing hypervisors without massive re-engineering
Proceedings of the 7th ACM european conference on Computer Systems
Towards a richer model of cloud app markets
Proceedings of the 2012 ACM Workshop on Cloud computing security workshop
Proceedings of the 2012 ACM conference on Computer and communications security
An architecture for overlaying private clouds on public providers
Proceedings of the 8th International Conference on Network and Service Management
MyCloud: supporting user-configured privacy protection in cloud computing
Proceedings of the 29th Annual Computer Security Applications Conference
| Hi-index | 0.00 |
Virtualization contributes to the optimization and modularization of resource usage in a machine. Furthermore, many systems have relied on a virtualization layer to provide extra security functionality. Both features rank amongst the most important of the technological capabilities enabling cloud computing, improving performance and security. The availability of hardware support for 脳86 virtualization allows to run virtual machines (VMs) with very low overhead. However, using hardware virtualization inside the OS makes it unavailable for any additional security code as the hardware supports only a single layer of VMs. Stacking virtual machines recursively is one solution to this problem. Unfortunately, current implementations induce an overhead that grows exponentially with the stacking depth. In the paper we address this conflict by describing a novel design that mitigates the performance issues of recursive virtual machines. Once this solved, the doors are open for the design of advanced security mechanisms that are implemented in the intermediate layers and provide additional security features to the system. We suggest concrete ways to further explore this avenue.