Security Implications of Virtualization: A Literature Study

Abstract

Server virtualization is a key technology for today's data centers, allowing dedicated hardware to be turned into resources that can be used on demand.However, in spite of its important role, the overall security impact of virtualization is not well understood.To remedy this situation, we have performed a systematic literature review on the security effects of virtualization. Our study shows that, given adequate management, the core virtualization technology has a clear positive effect on availability, but that the effect on confidentiality and integrity is less positive. Virtualized systems tend to lose the properties of location-boundedness, uniqueness and monotonicity.In order to ensure corporate and private data security, we propose to either remove or tightly manage non-essential features such as introspection, rollback and transfer.
Original languageUndefined
Title of host publication2009 IEEE International Conference on Computational Science and Engineering (CSE09), volume 3
Place of PublicationLos Alamitos, CA, USA
PublisherIEEE Computer Society
Pages353-358
Number of pages6
ISBN (Print)978-0-7695-3823-5
DOIs
StatePublished - 2009

Publication series

NameIEEE International Conference on Computational Science and Engineering
PublisherIEEE Computer Society
Volume3

Fingerprint

Security of data
Servers
Availability
Hardware

Keywords

  • METIS-264070
  • IR-68164
  • Security
  • SCS-Cybersecurity
  • security properties
  • virtualization
  • SCS-Services
  • EWI-16158

Cite this

van Cleeff, A., Pieters, W., & Wieringa, R. J. (2009). Security Implications of Virtualization: A Literature Study. In 2009 IEEE International Conference on Computational Science and Engineering (CSE09), volume 3 (pp. 353-358). [10.1109/CSE.2009.267] (IEEE International Conference on Computational Science and Engineering; Vol. 3). Los Alamitos, CA, USA: IEEE Computer Society. DOI: 10.1109/CSE.2009.267

van Cleeff, A.; Pieters, Wolter; Wieringa, Roelf J. / Security Implications of Virtualization: A Literature Study.

2009 IEEE International Conference on Computational Science and Engineering (CSE09), volume 3. Los Alamitos, CA, USA : IEEE Computer Society, 2009. p. 353-358 10.1109/CSE.2009.267 (IEEE International Conference on Computational Science and Engineering; Vol. 3).

Research output: Scientific - peer-reviewConference contribution

@inbook{19dda6d0841b4f86a117b55c91a65134,
title = "Security Implications of Virtualization: A Literature Study",
abstract = "Server virtualization is a key technology for today's data centers, allowing dedicated hardware to be turned into resources that can be used on demand.However, in spite of its important role, the overall security impact of virtualization is not well understood.To remedy this situation, we have performed a systematic literature review on the security effects of virtualization. Our study shows that, given adequate management, the core virtualization technology has a clear positive effect on availability, but that the effect on confidentiality and integrity is less positive. Virtualized systems tend to lose the properties of location-boundedness, uniqueness and monotonicity.In order to ensure corporate and private data security, we propose to either remove or tightly manage non-essential features such as introspection, rollback and transfer.",
keywords = "METIS-264070, IR-68164, Security, SCS-Cybersecurity, security properties, virtualization, SCS-Services, EWI-16158",
author = "{van Cleeff}, A. and Wolter Pieters and Wieringa, {Roelf J.}",
note = "10.1109/CSE.2009.267",
year = "2009",
doi = "10.1109/CSE.2009.267",
isbn = "978-0-7695-3823-5",
series = "IEEE International Conference on Computational Science and Engineering",
publisher = "IEEE Computer Society",
pages = "353--358",
booktitle = "2009 IEEE International Conference on Computational Science and Engineering (CSE09), volume 3",
address = "United States",

}

van Cleeff, A, Pieters, W & Wieringa, RJ 2009, Security Implications of Virtualization: A Literature Study. in 2009 IEEE International Conference on Computational Science and Engineering (CSE09), volume 3., 10.1109/CSE.2009.267, IEEE International Conference on Computational Science and Engineering, vol. 3, IEEE Computer Society, Los Alamitos, CA, USA, pp. 353-358. DOI: 10.1109/CSE.2009.267

Security Implications of Virtualization: A Literature Study. / van Cleeff, A.; Pieters, Wolter; Wieringa, Roelf J.

2009 IEEE International Conference on Computational Science and Engineering (CSE09), volume 3. Los Alamitos, CA, USA : IEEE Computer Society, 2009. p. 353-358 10.1109/CSE.2009.267 (IEEE International Conference on Computational Science and Engineering; Vol. 3).

Research output: Scientific - peer-reviewConference contribution

TY - CHAP

T1 - Security Implications of Virtualization: A Literature Study

AU - van Cleeff,A.

AU - Pieters,Wolter

AU - Wieringa,Roelf J.

N1 - 10.1109/CSE.2009.267

PY - 2009

Y1 - 2009

N2 - Server virtualization is a key technology for today's data centers, allowing dedicated hardware to be turned into resources that can be used on demand.However, in spite of its important role, the overall security impact of virtualization is not well understood.To remedy this situation, we have performed a systematic literature review on the security effects of virtualization. Our study shows that, given adequate management, the core virtualization technology has a clear positive effect on availability, but that the effect on confidentiality and integrity is less positive. Virtualized systems tend to lose the properties of location-boundedness, uniqueness and monotonicity.In order to ensure corporate and private data security, we propose to either remove or tightly manage non-essential features such as introspection, rollback and transfer.

AB - Server virtualization is a key technology for today's data centers, allowing dedicated hardware to be turned into resources that can be used on demand.However, in spite of its important role, the overall security impact of virtualization is not well understood.To remedy this situation, we have performed a systematic literature review on the security effects of virtualization. Our study shows that, given adequate management, the core virtualization technology has a clear positive effect on availability, but that the effect on confidentiality and integrity is less positive. Virtualized systems tend to lose the properties of location-boundedness, uniqueness and monotonicity.In order to ensure corporate and private data security, we propose to either remove or tightly manage non-essential features such as introspection, rollback and transfer.

KW - METIS-264070

KW - IR-68164

KW - Security

KW - SCS-Cybersecurity

KW - security properties

KW - virtualization

KW - SCS-Services

KW - EWI-16158

U2 - 10.1109/CSE.2009.267

DO - 10.1109/CSE.2009.267

M3 - Conference contribution

SN - 978-0-7695-3823-5

T3 - IEEE International Conference on Computational Science and Engineering

SP - 353

EP - 358

BT - 2009 IEEE International Conference on Computational Science and Engineering (CSE09), volume 3

PB - IEEE Computer Society

ER -

van Cleeff A, Pieters W, Wieringa RJ. Security Implications of Virtualization: A Literature Study. In 2009 IEEE International Conference on Computational Science and Engineering (CSE09), volume 3. Los Alamitos, CA, USA: IEEE Computer Society. 2009. p. 353-358. 10.1109/CSE.2009.267. (IEEE International Conference on Computational Science and Engineering). Available from, DOI: 10.1109/CSE.2009.267