2012 International Conference on Radar, Communication and Computing (ICRCC),
SKP Engineering College, Tiruvannamalai, TN., India. 21 - 22 December, 2012. pp.254-256.
Security Issues in Virtualization Environment
R. Anand1, S. Sarswathi2 and R. Regan3
Abstract Security Issues are the principle concerns
1
of virtualization technology when there is an data
transfer and application access from one virtual
machine to another, as it is a decisive threat for
efficiency. Todays IT intension is to have an outlook
for the virtualization technology that allows the
business world to run with fewer resources. Still there
exist certain virtualization issues when normal
applications and virtual applications are made
available to run in an virtual environment. Security
issues among virtual machines, virtual applications,
and physical machines are noticeable. Following above
issues has been dealt with, to enhance the efficiency of
virtual environment.
Keywords Security in virtualization, Privacy, Virtual
Machine
I. INTRODUCTION
A Virtual Machine (VM) is the virtualized
representation of a physical machine that is run and
maintained on a host by a software virtual machine
monitor or
Hypervisor VMs have significant security
implications. A primary concern is to ensure whether the
proper virtual environment is operating within a VM and
the VM is configured properly. Another concern is of
virtual machines specific vulnerabilities that can be
exploited to mount attacks specialized to subvert the built
in defences of the guest operating systems[1]. With
virtualization, a single physical machine can be divided or
partitioned into multiple VMs. This provides each VM
with better security isolation and each partition is
protected from the possibility of Denial of Service (DoS)
attacks [2]from other partitions and also the security
attacks in one VM are completely isolated and contained
from affecting the other VM.
1
Research Scholar, Computer Science and Engineering,
Manonmaniam Sundaranar University, Tirunelveli,
Tamilnadu, India. Email: nowhereanand@yahoo.com
2
Information Technology, Pondicheery Engineering College,
Pondicherry, India. Email: swathimuk@yahoo.com
3
Computer Science and Engineering, University College of
Engineering, Panruti, India. Email: reganr85@gmail.com
978-1-4673-2758-9/12/$31.00 2012 IEEE
II. ISSUES BETWEEN VIRTUAL MACHINE
AND PHYSICAL MACHINE
Virtualization technology is mainly intended for less
hardware usage. Still there are some of the issues that
have been identified while physical machine host number
of virtual machines[3]. Though hardware requirements
have been minimized in case of running number of
physical machines in a single physical host, there exist
security issues[4] between physical machine and the
virtual machines. For example if number of servers is
running on one physical machine and if RAID controller
wipes out all hard disk then there is a loss of data and the
information. This is because of an issue with security
among virtual machines running on a single physical
host[5]. Growth of number of virtual machines in a
physical machine is made easy. But assigning
administrator for each virtual machine to manage it is a
difficult task such that providing an security and
reliability for VMs.
Since every feature of application software behaves
differently in a virtualized environment resource
requirement are different from softwares running in a
physical machine[7][8]. Managing virtual machines are
the primary task in providing security.
III. ISSUES BETWEEN VIRTUAL MACHINES
AND VIRTUAL APPLICATIONS
By allowing the virtual machines for a computer to
run several applications at the same time, the computer
could be running several different virtual applications of
the same software simultaneously. While virtual machines
enables servers to perform task and run more virtual
applications it can also consume much more time be more
laborious for the team that runs it. Although applications
are remote, managers still have to follow and monitor
files, applications, data and storage. The virtual machine
can increase the workload because there are many more
points to manage and analyze Security and access are
some things that should also be monitored to monitor loss
or theft of data in a virtual or remote environment. The
transfer information of and the need for computers or
physical servers to interact remotely should also be
monitored continuously.
As depicted in the figure1 Virtual environment is
created in a physical system where there are number of
virtual machines in a single physical host. Each virtual
machine has number of virtual applications running which
254
 Security Issues in Virtualization Environment
ADMIN ADMIN
SECURED VIRTUAL ENVIRONMENT
VA VA VA
VM VM
PHYSICAL MACHINE
Fig. 1. Role of Administrator in Virtual Environment
is managed by the administrator. As discussed earlier the
task of creating a virtual machine is made easier. With the
increasing growth of VMs in a single physical machine
security issues among them increases proportionately with
respect to resources and administrator. Each virtual
machine should be assigned an administrator who is
responsible for the managing and controlling its task.
Every virtual machine contains separate admin control
.Admin has list of approved written policies, procedures,
standards of the virtual machines and applications such
that it provides access control mechanism, identification
and authentication to access the virtual machine and
virtual applications. Admin also restricts the non
reputation of application access thereby protecting the
virtual environment.
VM consists of a virtual application in order to
maximize the performance of the application, and makes
the appliance smaller and possibly more secure. In this
context, virtual machines have virtual application which
provides data security, virtualization, and virtual privacy
among these virtual applications. The client machines and
other PDAs depend on the VM in order to access the
virtual application in a virtual infrastructure.
Administrator of VM restricts the client to access the
application in a variety of ways.
Virtual privacy is provided among the client machines
so that any client is secure from any other client
machines. By means of virtual security one virtual
machine is isolated from other virtual machines that run
in the general operating systems of a physical machine.
The virtual security is also provided among the virtual
applications. The ultimate goal of virtualization
administrator is to secure the entire virtual environment.
The compromise of virtualization layer (virtual
machine monitor or hypervisor) that exist between the
physical machine and virtual machine leads to
compromise of all hosted workloads and its security. In
ADMIN ADMIN
VA VA VA VAA VAA
VM VM
HYPERVISOR
this situation the virtualization layer is vulnerable which
can be easily affected by threat thereby decreasing the
security of whole virtual environment.
For efficiency in communication between VMs most
virtualization platforms include the ability to create
software based virtual networks and switches inside the
physical host to enable VMs to communicate directly.
This traffic will not be visible to network-based security
protection devices. Existing security mechanisms may
not coincide with virtual environment, hence virtual
environment is in secure.
IV. SECURING ALL ELEMENTS OF VIRTUAL
ENVIRONMENT AND MAINTAINING SECURITY
The security of a virtualization solution is heavily
dependent on the individual security of each component,
from the hypervisor and host OS to guest OSs,
applications and storage. Sound security practices must be
established such as keeping software up-to-date with
security patches, using secure configuration baselines,
antivirus softwares or other appropriate mechanism to
detect or stop attacks.
V. RESTRICTING AND PROTECTING ADMINISTRATOR
ACCESS TO THE VIRTUALIZATION SOLUTION
The security of the entire virtual infrastructure relies
on the security of virtualization management system that
controls the hypervisor and allows the operator to create
new guest OS and perform other administrative actions.
Some virtualization products offer multiple ways to
manage hypervisors; each management interface should
be secured, whether locally or remotely accessible. For
remote administration, the confidentiality of
communications should be protected.
255
 2012 International Conference on Radar, Communication and Computing (ICRCC)
VI. ENSURING THE HYPERVISOR IS PROPERLY SECURED
Securing a hypervisor involve actions that are standard
for any type of software, such as installing updates as they
become available. Other recommended actions include
disabling unused virtual hardware, file sharing and
considering using the hypervisors capabilities to monitor
the security of each guest OS running within it, as well as
the security activities occurring between guest operating
system. The hypervisor also needs to be carefully
monitored for signs of compromise.
Virtual OS
Client Virtual OS
machine
Virtual OS
Fig. 2. Client accessing number of virtual OS Simultaneously
Virtual applications being accessed in the virtual
environment on-demand by the client should have
privacy, such that the clients accessing virtual application
is private from other client in the virtual environment. If
not, there occurs a migration of information from one
client to another client in the same virtual environment
which leads to data in security. The data is insecure in
such case if there is no privacy among virtual applications
and the client. This is not an issue in case of physical
environment, where every application and the clients
isolated from each other.
When virtual applications access information from the
database server, the data from the server becomes
inconsistent, by several operations performed by the
client.
When the operating system is provided as a service,
there arise several issues rather than when the applications
are accessed On-Demand. For example, when there are
multiple OS requests by the clients simultaneously, the
server slows down.
VII. CONCLUSION
An issue faced by the virtual machines in virtual
environment has been dealt with. It is clear that there arise
several issues in virtual environment rather than in
256
physical environment right from resource allocation to OS
access. Number of OS accessed by different clients
slowing down the server can be avoided by making
parallel OS request. Such that solutions for all issues that
has been discussed in this paper should be taken into an
consideration while virtual access. Virtual privacy and
virtual security should be provided in virtual environment
to in-order to overcome all the above defined issues.
Virtual privacy between the virtual machines in an virtual
environment isolates one machine from other, thereby
each VMs in VE are secured.
REFERENCE
[1] Qian Wang , Cong Wang ; Kui Ren ; Wenjing Lou ; Jin
Li Enabling Public Auditability and Data Dynamics for
Storage Security in Cloud Computing Parallel and
Distributed Systems, IEEE Transactions on May 2011,
Volume: 22 , Issue: 5 , Page(s): 847 859
[2] Jensen, M.; Schwenk, J.; Gruschka, N.; Iacono, L.L. On
Technical Security Issues in Cloud Computing Cloud
Computing, 2009. CLOUD '09. IEEE International
Conference , Page(s): 109 116
[3] Jianfeng Yang; Zhibin Chen Cloud Computing Research
and Security Issues Computational Intelligence and
Software Engineering (CiSE), 2010 International
Conference, Publication Year: 2010 , Page(s): 1 3
[4] Cong Wang; Qian Wang; Kui Ren; Ning Cao; Wenjing
Lou Toward Secure and Dependable Storage Services in
Cloud Computing Services Computing, IEEE
Transactions on 2012, Page(s): 220 232
[5] Wang, C.; Chow, S.; Wang, Q.; Ren, K.; Lou, W.
Privacy-Preserving Public Auditing for Secure Cloud
Storage Computers, IEEE Transactions on 2011,Volume:
PP , Issue: 99 , Page(s): 1
[6] Imad M. Abbadi Toward Trustworthy Clouds Internet
Scale Critical Infrastructure Lecture Notes in Computer
Science, Springer 2011, Volume 6672/2011, 71-82
[7] Pardeep Sharma, Sandeep K. Sood and Sumeet Kaur
Security Issues in Cloud Computing Communications in
Computer and Information Science, 2011, Springer
Volume 169, Part 1, 36-45
[8] Mohammed A. AlZain, Ben Soh and Eric Pardede A new
model to ensure security in cloud computing services
Journal of Service Science Research, Springer 2012,
Volume 4, Number 1, Pages 49-70
[9] Wenjuan Li and Lingdi Ping Trust Model to Enhance
Security and Interoperability of Cloud Environment
Lecture Notes in Computer Science, Springer 2009,
Volume 5931, Cloud Computing, Pages 69-79
[10] Jin-Song Xu, Ru-Cheng Huang, Wan-Ming Huang and
Geng Yang Secure Document Service for Cloud
Computing Lecture Notes in Computer Science,
Springer2009, Volume 5931, Cloud Computing, Pages
541-546