Forum for Science, Industry and Business

Sponsored by:     3M 
Search our Site:

 

New Research Offers Security For Virtualization, Cloud Computing

28.04.2010
Virtualization and cloud computing allow computer users access to powerful computers and software applications hosted by remote groups of servers, but security concerns related to data privacy are limiting public confidence – and slowing adoption of the new technology.

Now researchers from North Carolina State University have developed new techniques and software that may be the key to resolving those security concerns and boosting confidence in the sector.

“What we’ve done represents a significant advance in security for cloud computing and other virtualization applications,” says Dr. Xuxian Jiang, an assistant professor of computer science and co-author of the study. “Anyone interested in the virtualization sector will be very interested in our work.”

Virtualization allows the pooling of the computational power and storage of multiple computers, which can then be shared by multiple users. For example, under the cloud computing paradigm, businesses can lease computer resources from a data center to operate Web sites and interact with customers – without having to pay for the overhead of buying and maintaining their own IT infrastructures. The virtualization manager, commonly referred to as a “hypervisor,” is a type of software that creates “virtual machines” that operate in isolation from one another on a common computer. In other words, the hypervisor allows different operating systems to run in isolation from one another – even though each of these systems is using computing power and storage capability on the same computer. This is the technique that enables concepts like cloud computing to function.

One of the major threats to virtualization – and cloud computing – is malicious software that enables computer viruses or other malware that have compromised one customer’s system to spread to the underlying hypervisor and, ultimately, to the systems of other customers. In short, a key concern is that one cloud computing customer could download a virus – such as one that steals user data – and then spread that virus to the systems of all the other customers.

“If this sort of attack is feasible, it undermines consumer confidence in cloud computing,” Jiang says, “since consumers couldn’t trust that their information would remain confidential.”

But Jiang and his Ph.D. student Zhi Wang have now developed software, called HyperSafe, that leverages existing hardware features to secure hypervisors against such attacks. “We can guarantee the integrity of the underlying hypervisor by protecting it from being compromised by any malware downloaded by an individual user,” Jiang says. “By doing so, we can ensure the hypervisor’s isolation.”

For malware to affect a hypervisor, it typically needs to run its own code in the hypervisor. HyperSafe utilizes two components to prevent that from happening. First, the HyperSafe program “has a technique called non-bypassable memory lockdown, which explicitly and reliably bars the introduction of new code by anyone other than the hypervisor administrator,” Jiang says. “This also prevents attempts to modify existing hypervisor code by external users.”

Second, HyperSafe uses a technique called restricted pointer indexing. This technique “initially characterizes a hypervisor’s normal behavior, and then prevents any deviation from that profile,” Jiang says. “Only the hypervisor administrators themselves can introduce changes to the hypervisor code.”

The research was funded by the U.S. Army Research Office and the National Science Foundation. The research, “HyperSafe: A Lightweight Approach to Provide Lifetime Hypervisor Control-Flow Integrity,” will be presented May 18 at the 31st IEEE Symposium On Security And Privacy in Oakland, Calif.

NC State’s Department of Computer Science is part of the university’s College of Engineering.

Matt Shipman | EurekAlert!
Further information:
http://www.ncsu.edu

More articles from Information Technology:

nachricht Cutting edge research for the industries of tomorrow – DFKI and NICT expand cooperation
21.03.2017 | Deutsches Forschungszentrum für Künstliche Intelligenz GmbH, DFKI

nachricht Molecular motor-powered biocomputers
20.03.2017 | Technische Universität Dresden

All articles from Information Technology >>>

The most recent press releases about innovation >>>

Die letzten 5 Focus-News des innovations-reports im Überblick:

Im Focus: Giant Magnetic Fields in the Universe

Astronomers from Bonn and Tautenburg in Thuringia (Germany) used the 100-m radio telescope at Effelsberg to observe several galaxy clusters. At the edges of these large accumulations of dark matter, stellar systems (galaxies), hot gas, and charged particles, they found magnetic fields that are exceptionally ordered over distances of many million light years. This makes them the most extended magnetic fields in the universe known so far.

The results will be published on March 22 in the journal „Astronomy & Astrophysics“.

Galaxy clusters are the largest gravitationally bound structures in the universe. With a typical extent of about 10 million light years, i.e. 100 times the...

Im Focus: Tracing down linear ubiquitination

Researchers at the Goethe University Frankfurt, together with partners from the University of Tübingen in Germany and Queen Mary University as well as Francis Crick Institute from London (UK) have developed a novel technology to decipher the secret ubiquitin code.

Ubiquitin is a small protein that can be linked to other cellular proteins, thereby controlling and modulating their functions. The attachment occurs in many...

Im Focus: Perovskite edges can be tuned for optoelectronic performance

Layered 2D material improves efficiency for solar cells and LEDs

In the eternal search for next generation high-efficiency solar cells and LEDs, scientists at Los Alamos National Laboratory and their partners are creating...

Im Focus: Polymer-coated silicon nanosheets as alternative to graphene: A perfect team for nanoelectronics

Silicon nanosheets are thin, two-dimensional layers with exceptional optoelectronic properties very similar to those of graphene. Albeit, the nanosheets are less stable. Now researchers at the Technical University of Munich (TUM) have, for the first time ever, produced a composite material combining silicon nanosheets and a polymer that is both UV-resistant and easy to process. This brings the scientists a significant step closer to industrial applications like flexible displays and photosensors.

Silicon nanosheets are thin, two-dimensional layers with exceptional optoelectronic properties very similar to those of graphene. Albeit, the nanosheets are...

Im Focus: Researchers Imitate Molecular Crowding in Cells

Enzymes behave differently in a test tube compared with the molecular scrum of a living cell. Chemists from the University of Basel have now been able to simulate these confined natural conditions in artificial vesicles for the first time. As reported in the academic journal Small, the results are offering better insight into the development of nanoreactors and artificial organelles.

Enzymes behave differently in a test tube compared with the molecular scrum of a living cell. Chemists from the University of Basel have now been able to...

All Focus news of the innovation-report >>>

Anzeige

Anzeige

Event News

International Land Use Symposium ILUS 2017: Call for Abstracts and Registration open

20.03.2017 | Event News

CONNECT 2017: International congress on connective tissue

14.03.2017 | Event News

ICTM Conference: Turbine Construction between Big Data and Additive Manufacturing

07.03.2017 | Event News

 
Latest News

Argon is not the 'dope' for metallic hydrogen

24.03.2017 | Materials Sciences

Astronomers find unexpected, dust-obscured star formation in distant galaxy

24.03.2017 | Physics and Astronomy

Gravitational wave kicks monster black hole out of galactic core

24.03.2017 | Physics and Astronomy

VideoLinks
B2B-VideoLinks
More VideoLinks >>>