Presented by: Reem Alshahrani

Outlines

• What is Virtualization • Virtual environment components • Advantages• Security Challenges in virtualized environments • How to improve security • Conclusion • References

What is Virtualization

• Virtualization is the creation of a virtual version of something, such as an operating system, a server, a storage device or network resources. • Run multiple operating systems and

applications on a single server.

Virtual environment components

• Server: a physical platform to host the virtual machines • Virtual Machine Monitor (VMM): Provides a layer of software

between the virtual machines and the server (e.g. Vmware, Virtual box and Xen) • Virtual machines: entirely encapsulates the state of the guest

operating system running inside it. • Encapsulated machine state can be copied, shared and modified like a

normal file. • Number of virtual machines on a server is limited by the servers

capabilities

Advantages Better Resource Utilization, save energy and Isolate applications (security)

Robust, affordable high availability and Improve disaster recovery

Rapid adoption in many computing environments such as Virtualized networks and Network Function Virtualization

Security in Virtualized environments

• Flexibility brought up a lot of challenges. • Numbers, locations, configurations of hosts are dynamic

Unpredictable growth of VMs

• Unpredictable growth of VMs can significantly multiply the effect of catastrophic events (worm attacks and scanning for vulnerabilities)

• Management in Virtualized environment usually done manually.

• VMs appear and disappear dynamically based on need. • Therefore, when a virus hits a VM, it will highly likely infect

other VMs. • At this point, identifying the infected VMs is difficult

because of their dynamic nature. • That makes detecting, cleaning and patching the VMs a

difficult task • Therefore, viruses tend to stay longer in the VMs.

Security and usability

• The VMs are designed to increase the availability of the system. • Viruses and vulnerability scanning, patching, and machine

configurations contradict with this goal • This results in users ignoring the regular maintenance of their VMs. • Thus, increasing the number of vulnerable and infected machines.

Rolling Back

• Some of the useful features such as Rollback have harmful interactions with existing security mechanisms and protocols • It can re-expose patched vulnerabilities. • Re-enable previously disabled accounts or passwords • Reintroduce worms, viruses and other malicious code that had been

previously removed. • Can restore already deleted sensitive data.

Diversity

• Many IT organizations tackle security problems by enforcing homogeneity: all machines must run the most current patched software. • VMs can facilitate more efficient usage models which derive benefit

from running unpatched or older versions of software.• This create a range of problems as one must try and maintain patches

or other protection for a wide range of OSes.• Dealing with the risk of having many unpatched machines on the

network. • It makes patch management more difficult.

Mobility

• VMs provide mobility similar to a normal file. • The TCB of a normal platform consists of the hardware and the software

stack• The TCB of VMs consists of all the hosts that a VM has to run on. • This can make it very difficult to figure out how far a compromise has

extended. • Moving VMs of unknown configurations into another secured server is

risky.• More vulnerable to theft and data loss since the whole computing

environment can be moved on a USB.

Solution

• Introducing a virtualized layer and moving many of the security and management functions of the VMs into this layer. • That allows administrators to flexibly re-introduce the constraints that

virtualization relaxes on mobility and data lifetime. Facilitate the automation of management tasks and performed while VMs are offline. To improve the usability, scalability and flexibility.

Conclusion

• Implementing a virtualized environment is increasing. • Current research is focusing on virtualization implementation and

applications. • Further research is needed to address the security problems in this

dynamic environment.

References

• Garfinkel, Tal, and Mendel Rosenblum. "When Virtual Is Harder than Real: Security Challenges in Virtual Machine Based Computing Environments." HotOS. 2005.