The paper presents a survey and analysis of the current security measures implemented in cloud computing and\r\nthe hypervisors that support it. The viability of an efficient virtualization layer has led to an explosive growth in the\r\ncloud computing industry, exemplified by Amazon�s Elastic Cloud, Apple�s iCloud, and Google�s Cloud Platform.\r\nHowever, the growth of any sector in computing often leads to increased security risks. This paper explores these\r\nrisks and the evolution of mitigation techniques in open source cloud computing. Unlike uniprocessor security, the\r\nuse of a large number of nearly identical processors acts as a vulnerability amplifier: a single vulnerability being\r\nreplicated thousands of times throughout the computing infrastructure. Currently, the community is employing a\r\ndiverse set of techniques in response to the perceived risk. These include malware prevention and detection, secure\r\nvirtual machine managers, and cloud resilience. Unfortunately, this approach results in a disjoint response based\r\nmore on detection of known threats rather than mitigation of new or zero-day threats, which are often left\r\nundetected. An alternative way forward is to address this issue by leveraging the strengths from each technique in\r\ncombination with a focus on increasing attacker workload. This approach would make malicious operation time\r\nconsuming and deny persistence on mission time-scales. It could be accomplished by incorporating migration,\r\nnon-determinism, and resilience into the fabric of virtualization.
Loading....