Data centers accumulate corporate and personal data at a rapid pace. Driven by economy of scale and the high bandwidth of today's network connections, more and more businesses and individuals store their data remotely. Server virtualization is an important technology to facilitate this process, allowing dedicated hardware to be turned into resources that can be used on demand. However, this technology is still under development and therefore, in spite of its increasingly important role, the overall security impact of virtualization is not yet completely known.
To remedy this situation, we have performed a systematic literature review on virtualization, and decomposed the virtualization technology into distinct features, which are dependent on each other, but also have individual positive and negative effects on security.
Our study shows that, given adequate management, the core virtualization technology has a clear positive effect on availability, but that the effect on confidentiality and integrity is less positive. Virtualized systems tend to lose the properties of location-boundedness, uniqueness and monotonicity. In order to ensure corporate and private data security, we propose to either remove or tightly manage non-essential features such as introspection, rollback and transfer.
Name: CTIT Technical Report Series
Publisher: Centre for Telematics and Information Technology, University of Twente