Forum for Science, Industry and Business

Sponsored by:     3M 
Search our Site:

 

New Research Offers Security For Virtualization, Cloud Computing

28.04.2010
Virtualization and cloud computing allow computer users access to powerful computers and software applications hosted by remote groups of servers, but security concerns related to data privacy are limiting public confidence – and slowing adoption of the new technology.

Now researchers from North Carolina State University have developed new techniques and software that may be the key to resolving those security concerns and boosting confidence in the sector.

“What we’ve done represents a significant advance in security for cloud computing and other virtualization applications,” says Dr. Xuxian Jiang, an assistant professor of computer science and co-author of the study. “Anyone interested in the virtualization sector will be very interested in our work.”

Virtualization allows the pooling of the computational power and storage of multiple computers, which can then be shared by multiple users. For example, under the cloud computing paradigm, businesses can lease computer resources from a data center to operate Web sites and interact with customers – without having to pay for the overhead of buying and maintaining their own IT infrastructures. The virtualization manager, commonly referred to as a “hypervisor,” is a type of software that creates “virtual machines” that operate in isolation from one another on a common computer. In other words, the hypervisor allows different operating systems to run in isolation from one another – even though each of these systems is using computing power and storage capability on the same computer. This is the technique that enables concepts like cloud computing to function.

One of the major threats to virtualization – and cloud computing – is malicious software that enables computer viruses or other malware that have compromised one customer’s system to spread to the underlying hypervisor and, ultimately, to the systems of other customers. In short, a key concern is that one cloud computing customer could download a virus – such as one that steals user data – and then spread that virus to the systems of all the other customers.

“If this sort of attack is feasible, it undermines consumer confidence in cloud computing,” Jiang says, “since consumers couldn’t trust that their information would remain confidential.”

But Jiang and his Ph.D. student Zhi Wang have now developed software, called HyperSafe, that leverages existing hardware features to secure hypervisors against such attacks. “We can guarantee the integrity of the underlying hypervisor by protecting it from being compromised by any malware downloaded by an individual user,” Jiang says. “By doing so, we can ensure the hypervisor’s isolation.”

For malware to affect a hypervisor, it typically needs to run its own code in the hypervisor. HyperSafe utilizes two components to prevent that from happening. First, the HyperSafe program “has a technique called non-bypassable memory lockdown, which explicitly and reliably bars the introduction of new code by anyone other than the hypervisor administrator,” Jiang says. “This also prevents attempts to modify existing hypervisor code by external users.”

Second, HyperSafe uses a technique called restricted pointer indexing. This technique “initially characterizes a hypervisor’s normal behavior, and then prevents any deviation from that profile,” Jiang says. “Only the hypervisor administrators themselves can introduce changes to the hypervisor code.”

The research was funded by the U.S. Army Research Office and the National Science Foundation. The research, “HyperSafe: A Lightweight Approach to Provide Lifetime Hypervisor Control-Flow Integrity,” will be presented May 18 at the 31st IEEE Symposium On Security And Privacy in Oakland, Calif.

NC State’s Department of Computer Science is part of the university’s College of Engineering.

Matt Shipman | EurekAlert!
Further information:
http://www.ncsu.edu

More articles from Information Technology:

nachricht Magnetic Quantum Objects in a "Nano Egg-Box"
25.07.2017 | Universität Wien

nachricht 3-D scanning with water
24.07.2017 | Association for Computing Machinery

All articles from Information Technology >>>

The most recent press releases about innovation >>>

Die letzten 5 Focus-News des innovations-reports im Überblick:

Im Focus: Physicists Design Ultrafocused Pulses

Physicists working with researcher Oriol Romero-Isart devised a new simple scheme to theoretically generate arbitrarily short and focused electromagnetic fields. This new tool could be used for precise sensing and in microscopy.

Microwaves, heat radiation, light and X-radiation are examples for electromagnetic waves. Many applications require to focus the electromagnetic fields to...

Im Focus: Carbon Nanotubes Turn Electrical Current into Light-emitting Quasi-particles

Strong light-matter coupling in these semiconducting tubes may hold the key to electrically pumped lasers

Light-matter quasi-particles can be generated electrically in semiconducting carbon nanotubes. Material scientists and physicists from Heidelberg University...

Im Focus: Flexible proximity sensor creates smart surfaces

Fraunhofer IPA has developed a proximity sensor made from silicone and carbon nanotubes (CNT) which detects objects and determines their position. The materials and printing process used mean that the sensor is extremely flexible, economical and can be used for large surfaces. Industry and research partners can use and further develop this innovation straight away.

At first glance, the proximity sensor appears to be nothing special: a thin, elastic layer of silicone onto which black square surfaces are printed, but these...

Im Focus: 3-D scanning with water

3-D shape acquisition using water displacement as the shape sensor for the reconstruction of complex objects

A global team of computer scientists and engineers have developed an innovative technique that more completely reconstructs challenging 3D objects. An ancient...

Im Focus: Manipulating Electron Spins Without Loss of Information

Physicists have developed a new technique that uses electrical voltages to control the electron spin on a chip. The newly-developed method provides protection from spin decay, meaning that the contained information can be maintained and transmitted over comparatively large distances, as has been demonstrated by a team from the University of Basel’s Department of Physics and the Swiss Nanoscience Institute. The results have been published in Physical Review X.

For several years, researchers have been trying to use the spin of an electron to store and transmit information. The spin of each electron is always coupled...

All Focus news of the innovation-report >>>

Anzeige

Anzeige

Event News

Clash of Realities 2017: Registration now open. International Conference at TH Köln

26.07.2017 | Event News

Closing the Sustainability Circle: Protection of Food with Biobased Materials

21.07.2017 | Event News

»We are bringing Additive Manufacturing to SMEs«

19.07.2017 | Event News

 
Latest News

Programming cells with computer-like logic

27.07.2017 | Life Sciences

Identified the component that allows a lethal bacteria to spread resistance to antibiotics

27.07.2017 | Life Sciences

Malaria Already Endemic in the Mediterranean by the Roman Period

27.07.2017 | Health and Medicine

VideoLinks
B2B-VideoLinks
More VideoLinks >>>