Update Checker: Increasing Virtual Machine Security in Cloud Environments

Abstract:

A common approach in Infrastructure-as-a-Service Clouds or virtualized Grid computing is to provide virtual machines to customers to execute their software on remote resources. Giving full superuser permissions to customers eases the installation and use of user software, but it may lead to security issues. The providers usually delegate the task of keeping virtual machines up to date to the customers, while the customers expect the providers to perform this task. Consequently, a large number of virtual machines (either running or dormant) are not patched against the latest software vulnerabilities. The approach presented in this article deals with these problems by helping users as well as providers to keep virtual machines up to date. Prior to the update step, it is crucial to know which software is actually outdated or affected by remote security vulnerabilities. While these tasks seem to be straightforward, developing a solution that handles multiple software repositories from different vendors and identifies the correct packages is a challenging task. The Update Checker presented in this article identifies outdated software packages in virtual machines, regardless of whether the virtual machine is running or dormant on disk. The proposed Online Penetration Suite performs pre-rollout scans of virtual machines for security vulnerabilities using established techniques and prevents execution of flawed virtual machines.

Pages: 1268-1273

Online since: February 2014

© 2014 Trans Tech Publications Ltd. All Rights Reserved
