NSPW '96 Proceedings of the 1996 workshop on New security paradigms
Preventing bots from playing online games
Computers in Entertainment (CIE) - Theoretical and Practical Computer Applications in Entertainment
The Ontological Interpretation of Informational Privacy
Ethics and Information Technology
Secure Control: Towards Survivable Cyber-Physical Systems
ICDCSW '08 Proceedings of the 2008 The 28th International Conference on Distributed Computing Systems Workshops
Virtualization and Hardware-Based Security
IEEE Security and Privacy
Security Implications of Virtualization: A Literature Study
CSE '09 Proceedings of the 2009 International Conference on Computational Science and Engineering - Volume 03
Security for the cloud infrastructure: trusted virtual data center implementation
IBM Journal of Research and Development
Benefits of Location-Based Access Control: A Literature Study
GREENCOM-CPSCOM '10 Proceedings of the 2010 IEEE/ACM Int'l Conference on Green Computing and Communications & Int'l Conference on Cyber, Physical and Social Computing
Virtualisation: Seven steps to a secure virtual environment
Network Security
Hi-index | 0.00 |
Virtualization is one of the enabling technologies of cloud computing. It turns once dedicated physical computing resources such as servers into digital resources that can be provisioned on demand. Cloud computing thus tends to replace physical with digital security controls, and cloud security must be understood in this context. In spite of extensive research on new hardware-enabled solutions such as trusted platforms, not enough is known about the actual physical-digital security trade-off in practice. In this paper, we review what is currently known about security aspects of the physical-digital trade-off, and then report on three case studies of private clouds that use virtualization technology, with the purpose of identifying generalizable guidelines for security trade-off analysis. We identify the important security properties of physical and digital resources, analyze how these have been traded off against each other in these cases, and what the resulting security properties were, and we identify limits to virtualization from a security point of view. The case studies show that physical security mechanisms all work through inertness and visibility of physical objects, whereas digital security mechanisms require monitoring and auditing. We conclude with a set of guidelines for trading off physical and digital security risks and mitigations. Finally, we show how our findings can be used to combine physical and digital security in new ways to improve virtualization and therefore also cloud security.