Security Implications of Virtualization: A Literature Study

A. van Cleeff, Wolter Pieters, Roelf J. Wieringa

    Research output: Book/ReportReportProfessional

    35 Citations (Scopus)
    480 Downloads (Pure)

    Abstract

    Data centers accumulate corporate and personal data at a rapid pace. Driven by economy of scale and the high bandwidth of today's network connections, more and more businesses and individuals store their data remotely. Server virtualization is an important technology to facilitate this process, allowing dedicated hardware to be turned into resources that can be used on demand. However this technology is still under development and therefore, in spite of its increasingly important role, the overall security impact of virtualization is not yet completely known. To remedy this situation, we have performed a systematic literature review on virtualization, and decomposed the virtualization technology into distinct features, which are dependent on each other, but also have individual positive and negative effects on security. Our study shows that, given adequate management, the core virtualization technology has a clear positive effect on availability, but that the effect on confidentiality and integrity is less positive. Virtualized systems tend to lose the properties of location-boundedness, uniqueness and monotonicity. In order to ensure corporate and private data security, we propose to either remove or tightly manage non-essential features such as introspection, rollback and transfer.
    Original languageUndefined
    Place of PublicationEnschede
    PublisherCentre for Telematics and Information Technology (CTIT)
    Number of pages9
    Publication statusPublished - 25 Jun 2009

    Publication series

    NameCTIT Technical Report Series
    PublisherCentre for Telematics and Information Technology, University of Twente
    No.TR-CTIT-09-25
    ISSN (Print)1381-3625

    Keywords

    • SCS-Cybersecurity
    • SCS-Services
    • EWI-15485
    • METIS-263899
    • virtualization
    • Security
    • IR-67484

    Cite this