Examination of cloud systems’ security from virtualization perspective
KeywordsΕικονικοποίηση ; Υπολογιστικό νέφος ; Εικονικό δίκτυο ; Απειλές ; Μέτρα ασφαλείας ; Virtualization ; Cloud computing ; Virtual machine ; Host operating system ; Threats ; Virtual network ; Virtualization architecture
Nowadays, most cloud computing systems are based on virtualization. In computer science, virtualization is a broad term of computing systems and it refers to an abstraction mechanism, which aims to hide both the details of the virtualization implementation and the state of computational resources. This abstraction can cause either a resource to act as a plurality of resources (e.g. a storage device to local network server) or multiple resources to act as one (e.g. storage devices in distributed systems) . However, virtualization has vulnerabilities and threats and for this reason, it introduces an additional level of risk in cloud computing systems. The main purpose of this thesis is the study of virtualization within cloud computing environments in order to examine and record the vulnerabilities and the threats that virtualization faces. Furthermore, we will investigate the security measures, which must be adopted by cloud computing systems, so as to prevent and eliminate the threats of virtualization. Finally, we will attempt through the application of best security practices to all of the components of virtualization, which are the hypervisor, the management interface, the virtual machines and the virtual network, to achieve high level of security for the virtualization architecture, which is depicted in Figure 1. The operation of most cloud computing systems is based on this architecture. We will not refer to the security of physical assets (hardware) and host machine operating system since these are part of conventional security measures and conventional best security practices.