New research offers security for virtualization, cloud computing

Jun 2, 2010 Author admin

Virtualization and cloud computing allow computer users access to powerful computers and software applications hosted by remote groups of servers, but security concerns related to data privacy are limiting public confidence – and slowing adoption of the new technology. Now researchers from North Carolina State University have developed new techniques and software that may be the key to resolving those security concerns and boosting confidence in the sector.

“What we’ve done represents a significant advance in security for cloud computing and other virtualization applications,” says Dr. Xuxian Jiang, an assistant professor of computer science and co-author of the study. “Anyone interested in the virtualization sector will be very interested in our work.”

Virtualization allows the pooling of the computational power and storage of multiple computers, which can then be shared by multiple users. For example, under the cloud computing paradigm, businesses can lease computer resources from a data center to operate Web sites and interact with customers – without having to pay for the overhead of buying and maintaining their own IT infrastructures. The virtualization manager, commonly referred to as a “hypervisor,” is a type of software that creates “virtual machines” that operate in isolation from one another on a common computer. In other words, the hypervisor allows different operating systems to run in isolation from one another – even though each of these systems is using computing power and storage capability on the same computer. This is the technique that enables concepts like cloud computing to function.

One of the major threats to virtualization – and cloud computing – is malicious software that enables computer viruses or other malware that have compromised one customer’s system to spread to the underlying hypervisor and, ultimately, to the systems of other customers. In short, a key concern is that one cloud computing customer could download a virus – such as one that steals user data – and then spread that virus to the systems of all the other customers.

“If this sort of attack is feasible, it undermines consumer confidence in cloud computing,” Jiang says, “since consumers couldn’t trust that their information would remain confidential.”

But Jiang and his Ph.D. student Zhi Wang have now developed software, called HyperSafe, that leverages existing hardware features to secure hypervisors against such attacks. “We can guarantee the integrity of the underlying hypervisor by protecting it from being compromised by any malware downloaded by an individual user,” Jiang says. “By doing so, we can ensure the hypervisor’s isolation.”

For malware to affect a hypervisor, it typically needs to run its own code in the hypervisor. HyperSafe utilizes two components to prevent that from happening. First, the HyperSafe program “has a technique called non-bypassable memory lockdown, which explicitly and reliably bars the introduction of new code by anyone other than the hypervisor administrator,” Jiang says. “This also prevents attempts to modify existing hypervisor code by external users.”

Second, HyperSafe uses a technique called restricted pointer indexing. This technique “initially characterizes a hypervisor’s normal behavior, and then prevents any deviation from that profile,” Jiang says. “Only the hypervisor administrators themselves can introduce changes to the hypervisor code.”

Comments (0)

Leave a Reply:

RSS Innovation Africa

  • UNECA-Leadership Through Innovation-Part I
    I recently contacted United Nations Economic Commission for Africa (UNECA), Addis Ababa, Ethiopia and submitted our questions to Ms Aida Opoku-Mensah, Director – ICT, Science and Technology Division (ISTD). The purpose of our interview was to assess the work of the organization in pushing the innovation agenda across the continent. The interview is divided i […]
  • UNECA-Leadership Through Innovation-Part II
    Innovation Africa: I am impressed with the objectives of the second Science with Africa conference. These three objectives are exactly what is needed to make research, invention and new practices to innovation. It highlights the fact that innovation is a multi-stage process. What is UNECA doing to support research in Africa? There are a number of initiatives […]
  • High-speed filter uses electrified nanostructures to purify water at low cost
    By dipping plain cotton cloth in a high-tech broth full of silver nanowires and carbon nanotubes, Stanford researchers have developed a new high-speed, low-cost filter that could easily be implemented to purify water in the developing world. Instead of physically trapping bacteria as most existing filters do, the new filter lets them flow on through with the […]

RSS African Content

  • Demand for frogs rising in West Africa
    The demand for frogs for human consumption is rising dramatically in parts of West Africa, according to a paper published in the latest issue of theTRAFFIC Bulletin. Dried or fried: amphibians in local and regional food market in West Africa describes the frog trade in Burkina Faso, Benin and Nigeria, based on interviews with local fishermen, collectors, mar […]
  • African Union science awards to change name
    Image via Wikipedia The African Union Scientific Awards, some of which are scheduled to be given later this week (9 September), will be officially renamed at the ceremony as the African Union Kwame Nkrumah Scientific Awards in order to increase the AU’s international visibility. AU leaders reached their decision to change the prizes’ name, which will be effe […]

RSS WADN

  • Simple injection could save the lives of thousands of accident victims worldwide
    If recently injured patients with serious bleeding were to receive a cheap, widely available and easily administered drug to help their blood to clot, tens of thousands of lives could be saved every year If recently injured patients with serious … Continue reading → […]
  • Study challenges value of oxygen therapy in end-of-life care
    DURHAM, N.C. – Millions of patients with advanced disease in palliative care settings receive oxygen therapy to help them breathe more easily. But a new study from Duke University Medical Center says roughly half of them don’t benefit from the … Continue reading → […]
  • A Novel Small Molecule Inhibitor of Hepatitis C Virus Entry
    Author Summary Approximately 170 million people worldwide are chronically infected with hepatitis C virus (HCV), which is a leading cause of chronic liver disease. Current treatments are not optimal; however, several molecules that inhibit HCV replication are in development. However, … Continue reading → […]

RSS MedNews Africa

RSS African Consultants

  • Evaluating the Carbon-Reducing Impacts of ICT
    Image via Wikipedia Report The information and communications technology industry has tremendous potential to improve energy efficiency, cut carbon emissions, and mitigate climate change. But it is necessary to have a common yardstick for assessing carbon emissions savings arising from such solutions as smart motors, smart logistics, smart buildings, and sma […]
  • Cloud Computing in Large Enterprises
    Image via Wikipedia White Paper Many companies are realizing sizable gains in cost and efficiency from cloud computing. Others are building potentially disruptive new business models. It is too early to say whether the cloud will upend business strategies, as the Web did in the 1990s, but it is not too soon to be prepared. Go to Source Related articles by Ze […]
Viator