reliable migration module in trusted cloud based on security level - design and implementation

ISCAS OpenIR

	reliable migration module in trusted cloud based on security level - design and implementation
	Chen Ying; Shen Qingni; Sun Pengfei; Li Yangwei; Chen Zhong; Qing Sihan
	2012
会议名称	2012 IEEE 26th International Parallel and Distributed Processing Symposium Workshops, IPDPSW 2012
会议录名称	Proceedings of the 2012 IEEE 26th International Parallel and Distributed Processing Symposium Workshops, IPDPSW 2012
页码	2230-2236
会议日期	May 21, 2012 - May 25, 2012
会议地点	Shanghai, China
收录类别	EI
ISBN	9780769546766
部门归属	(1) School of Software and Microelectronics Peking University Beijing China; (2) MoE Key Lab. of Network and Software Assurance Peking University Beijing China; (3) Institute of Software Chinese Academy of Sciences Beijing China
摘要	Infrastructure as a Service (IaaS), basically consists on the deliverance of virtual machines (VMs) to an IaaS provider, who can rise or shrink the number of VMs so as to offer fast and easy scalability according to variable workloads. However, according to the principle of Buckets Effect, the safety of the entire system relies on its most fragile component. This problem also exists in IaaS cloud. There are many VMs which co-exist in the same physical machine, but they may adopt different security protection. So this could lead VMs with the higher security requirement degrade to the lowest security level. In order to address these issues, we propose Trusted Cloud based on Security Level (TCSL), which is an integrated, secured and trusted architecture based on logical VMs' union, to separate the VMs with different sensitive and security needs from the whole cloud environment, and to meet different customer's security requirements. Experimental results demonstrate that these approaches are effective in isolating the resources with the same security requirements in a shared trusted zone which is built based on different security level. When resources need to migrate to the trusted zone, the Reliable Migration Policies will be automatically enforced and match the migrating resource to an applicable trusted zone in cloud or return a feedback concerning a suggestion. With Reliable Migration Protocol, the secure process of the migrating transaction can be guaranteed in IaaS cloud. © 2012 IEEE.; Infrastructure as a Service (IaaS), basically consists on the deliverance of virtual machines (VMs) to an IaaS provider, who can rise or shrink the number of VMs so as to offer fast and easy scalability according to variable workloads. However, according to the principle of Buckets Effect, the safety of the entire system relies on its most fragile component. This problem also exists in IaaS cloud. There are many VMs which co-exist in the same physical machine, but they may adopt different security protection. So this could lead VMs with the higher security requirement degrade to the lowest security level. In order to address these issues, we propose Trusted Cloud based on Security Level (TCSL), which is an integrated, secured and trusted architecture based on logical VMs' union, to separate the VMs with different sensitive and security needs from the whole cloud environment, and to meet different customer's security requirements. Experimental results demonstrate that these approaches are effective in isolating the resources with the same security requirements in a shared trusted zone which is built based on different security level. When resources need to migrate to the trusted zone, the Reliable Migration Policies will be automatically enforced and match the migrating resource to an applicable trusted zone in cloud or return a feedback concerning a suggestion. With Reliable Migration Protocol, the secure process of the migrating transaction can be guaranteed in IaaS cloud. © 2012 IEEE.
关键词	Cloud Computing
主办者	IEEE Computer Society Technical Committee on Parallel Processing
语种	英语
内容类型	会议论文
URI标识	http://ir.iscas.ac.cn/handle/311060/15740
专题	中国科学院软件研究所
推荐引用方式 GB/T 7714	Chen Ying,Shen Qingni,Sun Pengfei,et al. reliable migration module in trusted cloud based on security level - design and implementation[C],2012:2230-2236.