Explain virtual machine security in cloud computing.

2 years ago
Cloud Computing

2011 ended with the popularization of an idea: Bringing VMs (virtual machines) onto the cloud. Recent years have seen great advancements in both cloud computing and virtualization On one hand there is the ability to pool various resources to provide software-as-a-service, infrastructure-as-a-service, and platform-as-a-service. At its most basic, this is what describes cloud computing. On the other hand, we have virtual machines that provide agility, flexibility, and scalability to the cloud resources by allowing the vendors to copy, move, and manipulate their VMs at will. The term virtual machine essentially describes sharing the resources of one single physical computer into various computers within itself. VMware and virtual boxes are very commonly used virtual systems on desktops. Cloud computing effectively stands for many computers pretending to be one computing environment. Obviously, cloud computing would have many virtualized systems to maximize resources.

Keeping this information in mind, we can now look into the security issues that arise within a cloud-computing scenario. As more and more organizations follow the “Into the Cloud” concept, malicious hackers keep finding ways to get their hands on valuable information by manipulating safeguards and breaching the security layers (if any) of cloud environments. One issue is that the cloud-computing scenario is not as transparent as it claims to be. The service user has no clue about how his information is processed and stored. In addition, the service user cannot directly control the flow of data/information storage and processing. The service provider usually is not aware of the details of the service running in his or her environment. Thus, possible attacks on the cloud-computing environment can be classified in to:

Resource attacks:

These kinds of attacks include manipulating the available resources into mounting a large-scale botnet attack. These kinds of attacks target either cloud providers or service providers.

Data attacks:

These kinds of attacks include unauthorized modification of sensitive data at nodes, performing configuration changes to enable a sniffing attack via a specific device etc. These attacks are focused on cloud providers, service providers, and also on service users.

Denial of Service attacks:

The creation of a new virtual machine is not a difficult task, and thus, creating rogue VMs and allocating huge spaces for them can lead to a Denial of Service attack for service providers when they opt to create a new VM on the cloud. This kind of attack is generally called virtual machine sprawling.

Backdoor:

Another threat to a virtual environment empowered by cloud computing is the use of backdoor VMs that leak sensitive information and can destroy data privacy.

Having virtual machines would indirectly allow anyone with access to the host disk files of the VM to take a snapshot or illegal copy of the whole System. This can lead to corporate espionage and piracy of legitimate products.

With so many obvious security issues (and a lot more can be added to the list), we need to enumerate some steps that can be used to secure virtualization in cloud computing.

The most neglected aspect of any organization is its physical security. An advanced social engineer can take advantage of weak physical-security policies an organization has put in place. Thus, it’s important to have a consistent, context-aware security policy when it comes to controlling access to a data center. Traffic between the virtual machines needs to be monitored closely by using at least a few standard monitoring tools.

After thoroughly enhancing physical security, it’s time to check security on the inside. A well-configured gateway should be able to enforce security when any virtual machine is reconfigured, migrated, or added. This will help prevent VM sprawls and rogue VMs. Another approach that might help enhance internal security is the use of third-party validation checks, performed in accordance with security standards.

Checking virtual systems for integrity increases the capabilities for monitoring and securing environments. One of the primary focuses of this integrity check should be the seamless integration of existing virtual systems like VMware and virtual box. This would lead to file integrity checking and increased protection against data losses within VMs. Involving agentless anti-malware intrusion detection and prevention in one single virtual appliance (unlike isolated point security solutions) would contribute greatly towards VM integrity checks. This will greatly reduce operational overhead while adding zero footprints.

A server on a cloud may be used to deploy web applications, and in this scenario, an OWASP top-ten vulnerability check will have to be performed. Data on a cloud should be encrypted with suitable encryption and data-protection algorithms. Using these algorithms, we can check the integrity of the user profile or system profile trying to access disk files on the VMs. Profiles lacking security protections can be considered infected by malware. Working with a system ratio of one user to one machine would also greatly reduce risks in virtual computing platforms. To enhance the security aspect even more, after a particular environment is used, it’s best to sanitize the system (reload) and destroy all the residual data. Using incoming IP addresses to determine scope on Windows-based machines, and using SSH configuration settings on Linux machines, will help maintain a secure one-to-one connection.

0
Dipti KC
Dipti KC
Dec 19, 2022
More related questions

1. What are the steps for creating a simple cloud application using Azure. Explain with the help of an example.

2. Write down the steps involved in deployment of an application to windows Azure cloud.

3. Explain the complete Azure life cycle in detail.

4. Explain types of storage in windows azure.

5. Write about worker role & web role while configuring an application in windows Azure.

6. Explain how to deploy application using windows Azure subscription.

7. Give the steps to create virtual machine.

8. Explain how window Azure maximize data availability and minimize security risks.

9. What is provisioning in cloud computing. How Virtual machine can be provision in Azure cloud?

10. How the cloud application deploy on to the windows Azure cloud?

11. Write a program in C# to design calculator as console based application.

12. Explain step by step how to create console application using ADO, NET? Consider any example.

13. Why there is need of ADO.Net? Explain how to use ADO.Net in any web application.

14. Give the anatomy of .ASPX page & also explain with an example how to create a web page using ASP .Net.

15. Write and explain code in ASP. NET to create login page.

16. Explain the Architecture of ADO. Net

17. Write a program in C#.net- to demonstrate object oriented concept: Design user Interface.

18. Explain object oriented concept in C# .net.

19. Explain Identity Access management.

20. Write short note on Infrastructure security in cloud Computing.

21. Write short notes on any three. a) Host Level Security b) Network Level Security c) Application Level Security d) Virtual Machine Security

22. Explain the Contracting Models in Cloud

23. Justify cloud security challenges in detail.

24. What do you mean by cloud contract? Explain in details

25. Explain Identity Access Management?

26. What are different cloud security challenges?

27. Explain the three tiers of Big data framework.

28. Explain Hadoop core component.

29. Explain with diagram HDFS architecture?

30. List the different techniques used for clustering the big data. Explain k-means clustering

31. Define big data, explain the characteristics of big data in detail.

32. Explain in steps starting & stopping Hadoop cluster.

33. Explain Hadoop Map Reduce job execution with the help of neat diagram.

34. List the characteristics of HDFS. And explain HDFS operations.

35. Explain the clustering Big data and also gives classification of Big data.

36. List & explain the advantages & limitations of different deployment models in cloud computing.

37. Define virtualization. What is the need of virtualization in cloud computing?

38. Explain the role of Networks in cloud computing and also define the various protocols used in it.

39. Explain infrastructure as a service (Iaas) using openstack/ owncloud.

40. Write in brief about virtualization applications in enterprises.

41. What do you mean by virtualization? Explain the pitfalls of virtualization.

42. Explain deployment models of cloud in detail.

43. Explain DAAS and NAAS?

44. List and explain three service model of cloud computing.

45. What are the role of web services in cloud computing?

46. Explain cloud computing architecture.(6M)(S-17)(W-18)

47. Explain the advantages & limitations of cloud computing.

48. With the help of architecture give the overview of mobile cloud.

49. Explain the challenges & legal issues in cloud computing.

50. What do you understand by cloud computing? Explain the characteristics of cloud computing.

51. What are the difference between cluster computing. grid computing and cloud computing.

52. What is cloud computing? Explain essential characteristics of cloud computing?

53. Explain with diagram cloud computing stack?

54. What are different legal issues in cloud computing?

55. Explain Virtualization Security Management and virtual Threats

56. Write short notes on Brokered cloud storage access and Storage location and tenancy.

57. Explain in detail about object storage. File systems or object storage

58. Discuss the design considerations for storage network

59. Write short notes on (i) Software Virtualization (ii) Network Virtualization

60. Explain in detail the various aspects for the need of virtualization in cloud computing.

61. Discuss the operational and economic benefits of SaaS

62. Explain in detail about cloud delivery model

63. Discuss the Regulatory Issues of Cloud Computing and the Government Policies

64. Explain briefly the security concerns of cloud computing.

65. Write short notes on origins of cloud computing.

66. What is the goal of encrypted cloud storage?

67. What is ISCSI?

68. State the limitations of virtualization.

69. State the types of hardware virtualization?

70. What is Google app engine?

71. What is PaaS?

72. State the benefits of cloud computing.

73. State any three essential characteristics of cloud computing.

74. What is GRID AND CLOUD?

75. What is Virtual Engine and Cloud Environment.

76. What is Rules Engine.

77. List out SLA MANAGEMENT IN CLOUD

78. What is Negotiation.

79. What are the steps in SLA?

80. List out Application SLA:

81. What is Admission Control?

82. What is Internal Threats

83. What is External Threats?

84. What are the SECURITY CONSIDERATIONS in cloud?

85. Role of Service Manager.

86. What is Elasticity?

87. What is Dynamic Elasticity.

88. What are the challenges in infrastructures provider?

89. List out three tier architecture.

90. What is SAP Systems?

91. What is Grid Gain?

92. What is meant by Skynet?

93. What is MapReduce.NET.

94. What is Disco in cloud computing?

95. What is Hadoop MapReduce?

96. What is Hadoop.

97. List out features of Map Reduce Model.

98. What is Map Reduce Programming Model?

99. What is Quality.

100. Note on Dynamic ICT Services.

101. What is Changing Markets?

102. What is T-System.

103. What is Basic CometCloud Operations.

104. What are the behaviors in Autonomic Cloudbursts?

105. What is Image Registration.

106. What is Fault Tolerance.

107. List out types of policies in cloudbridging.

108. What is Autonomic Cloudbriding?

109. What is Load Dynamic.

110. What is the goal of Autonomic Cloud bursting?

111. Note on CometCloud.

112. What is Resource Pool?

113. What is Workload Monitoring.

114. What are the resources in Aneka cloud?

115. What is Aneka Cloud platform?

116. What is Customer information Protection.

117. What is Logical Attacks.

118. Difference between Authentication and Authorization.

119. What is PDP.

120. Note on Data privacy protection.

121. What is Multimedia data security?

122. What is WAN.

123. What is LAN.

124. What is Job Monitoring?

125. Note on CaaS.

126. What is RVMS design.

127. What is meant by Microsoft Windows Azure?

128. What is Google App Engine?

129. What is Amazon EC2.

130. What is Leasing Model?

131. What is VM Management.

132. What is meant by anatomy of cloud computing?

133. What is Hypervisor and Xen Server?

134. What is virtual machine monitor?

135. List out types of Virtualization in Cloud Computing

136. What is Virtualization Technology?

137. What is VLAN.

138. What is Transition Challenges?

139. Define Cloud Supply chain.

140. What is Google app engine?

141. What is virtualization?

142. What are the challenges of SaaS Paradigm?

143. Why we use Migrating?

144. What is mean by migrating in cloud computing?

145. Write down note on PaaS?

146. What is mean by IaaS?

147. What is mean by SaaS?

148. Note on Hybrid cloud.

149. What did you meant by community cloud?

150. 4. What is Public cloud?

151. What are the types in cloud services?

152. What is Cloud computing?

153. List out the Phases of CDLC.

154. What is CDLC.

155. What is known as Network Virtualization?

156. Define Server Virtualization.

157. Define Cloud Stack.

158. What are the Components of a Virtual Network?

159. List out the primary types of Storage Virtualization.

160. What is Clustering?

161. List out the Disadvantage of OS Virtualization.

162. What are the Advantages of OS Virtualization?

163. List out the Need for Server Virtualization

164. What are the types of Virtualization?

165. Define Virtual Machine

166. What is Virtualization?

167. Define Cloud Federation.

168. List out the three key Principles of Cloud Computing.

169. What is called Combined Cloud?

170. What are Factors to be considered which designed Cloud based Architecture?

171. What is CDM?

172. List out the types on Cloud is based on its infrastructure.

173. What are the Four types of Cloud Services available in IBM Company?

174. What are the pros and cors of Cloud Computing and Cloud basic Device?

175. What is SaaS?

176. What is PaaS?

177. What is the Step to get Cloud Computing infrastructure for his Business?

178. What are the other Cloud-related techniques?

179. What are Models in Cloud Service?

180. What is Private Cloud?

181. What is Public Cloud?

182. What are the types of Cloud Computing for the Business Purpose?

183. What is the area to process the Cloud Migrations?

184. What are the Disadvantage of Cloud Computing?

185. What are the Advantage of Cloud Computing?

186. What are the types of Cloud Computing?

Questions Bank

View all Questions