A Centralized Pervasive Computing Environment/Multilevel Security (CPCE/MLS) system was designed to provide security guarantees for a pervasive computing environment by introducing server-storage terminals and implementing a multilevel security access control mechanism based on the BLP model, together with process creation supervision and an auditing mechanism. Though this work is meaningful and valuable, it does not consider the security issues of a task-oriented environment with virtualization. To satisfy the requirements of such an environment, a task-oriented co-operative access scheme, VR-BLP, is proposed and implemented; it combines network isolation with process isolation and shared memory isolation mechanisms to strengthen the security isolation between tasks. Given a secure initial state, the system remains secure if every state transition satisfies the simple security property (no read up), the *-property (no write down), and the discretionary security property (the access must also be permitted by the access matrix). By providing a general-purpose framework for security policy modules, LSM allows many different access control schemes to be implemented as loadable kernel modules and hence enables these security policies to be developed independently. A number of existing access control implementations, including SELinux, Domain and Type Enforcement (DTE), and the Linux Intrusion Detection System (LIDS), have already been adapted to the LSM framework.
Secure Channel Message Authentication Code Key (Kmac)
Process isolation and shared memory isolation are implemented by a security module named KMAC, which we designed on top of LSM to strengthen the security isolation between virtual machines. For security reasons, KMAC must be compiled into the Linux kernel as an LSM module rather than loaded at run time. A virtual machine is a QEMU process on the host machine. To isolate QEMU processes from one another, the disk image of each process is isolated: when a QEMU process starts, KMAC assigns the same unique security label to the process and to its disk image, and from then on the process cannot access disk images carrying a different label. In other words, by attaching a task's security label to a virtual machine and to its disk images, KMAC refuses any request from a virtual machine to access a disk whose security label differs from the virtual machine's own. Shared memory is handled in the same way: with ivshmem, a virtual PCI device is added to a virtual machine to create a piece of shared memory, and the inode_create and file_mmap hooks of the LSM module let KMAC control the virtual machine's access to it. When a QEMU process starts, KMAC assigns the same unique security label to the process and to its shared memory; afterwards, the process cannot access another process's shared memory if that memory carries a different label. Finally, when a user requests access to a task with access attribute read-only, write-only, or read-write, the request is analyzed by the security switch, and the ACL rules in the security switch decide whether the request is legal.
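The two decision rules above, the BLP state-transition check (simple security property, *-property, discretionary property via the security switch's ACL) and KMAC's equal-label rule for a QEMU process, its disk image and its ivshmem region, are easier to reason about as runnable code. The following is an added example, not code from the KMAC module or the VR-BLP system: a user-space model of the checks, with plain functions standing in for the kernel's LSM hooks. All identifiers (`sec_label`, `blp_may_access`, `kmac_may_access`, `kmac_scenario`), the label encoding (level plus category bitmask) and the sample VMs, resources and ACL entries are this example's own assumptions.

```c
/* Added example (not the KMAC module's own code): a user-space model of the
 * access decisions described in the text, so the logic can be run and tested
 * outside the kernel. A real KMAC would make these checks inside LSM hooks
 * (inode_create, file_mmap); here the hooks are plain functions, and all
 * names, the label encoding and the sample data are this example's own. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum access_mode { ACC_READ = 1, ACC_WRITE = 2, ACC_RW = ACC_READ | ACC_WRITE };

/* A BLP label: classification level plus a category set stored as a bitmask. */
struct sec_label {
    int level;      /* higher value = more sensitive */
    uint32_t cats;  /* each bit is one category/compartment */
};

/* a dominates b iff a's level is at least b's and a's categories include b's. */
static bool dominates(const struct sec_label *a, const struct sec_label *b)
{
    return a->level >= b->level && (b->cats & ~a->cats) == 0;
}

static bool label_equal(const struct sec_label *a, const struct sec_label *b)
{
    return a->level == b->level && a->cats == b->cats;
}

/* Discretionary part: the ACL rules the text places in the security switch,
 * modelled as a subject x object matrix of permitted access modes. */
#define MAX_SUBJ 8
#define MAX_OBJ  8
struct acl { unsigned char mode[MAX_SUBJ][MAX_OBJ]; };

static void acl_grant(struct acl *a, int sid, int oid, unsigned mode)
{
    a->mode[sid][oid] |= (unsigned char)mode;
}

/* One state transition (an access request) is permitted only if all three BLP
 * properties hold; a system that starts secure and takes only such
 * transitions stays secure. Read-write needs both MAC directions, so it is
 * only possible between equal labels. */
static bool blp_may_access(const struct sec_label *subj, int sid,
                           const struct sec_label *obj, int oid,
                           unsigned mode, const struct acl *acl)
{
    if ((mode & ACC_READ) && !dominates(subj, obj))
        return false;                    /* simple security property: no read up */
    if ((mode & ACC_WRITE) && !dominates(obj, subj))
        return false;                    /* *-property: no write down */
    if ((acl->mode[sid][oid] & mode) != mode)
        return false;                    /* discretionary property: ACL */
    return true;
}

/* KMAC's isolation rule for a VM (QEMU process): its disk image and ivshmem
 * region carry the label assigned at start-up, and any resource whose label
 * differs from the VM's is refused outright, regardless of dominance. */
enum res_kind { RES_DISK_IMAGE, RES_SHARED_MEM };
struct vm_resource { enum res_kind kind; const char *name; struct sec_label label; };

static bool kmac_may_access(const struct sec_label *vm, const struct vm_resource *res)
{
    return label_equal(vm, &res->label);
}

/* Constructed scenario: two VMs with different task labels and four resources.
 * Returns the number of requests denied. */
static int kmac_scenario(void)
{
    const struct sec_label task_a = { 2, 0x1 }, task_b = { 2, 0x2 };
    const struct vm_resource res[] = {
        { RES_DISK_IMAGE, "vm-a.img",  task_a },
        { RES_SHARED_MEM, "ivshmem-a", task_a },
        { RES_DISK_IMAGE, "vm-b.img",  task_b },
        { RES_SHARED_MEM, "ivshmem-b", task_b },
    };
    const struct sec_label *vms[] = { &task_a, &task_b };
    int denied = 0;
    for (size_t v = 0; v < 2; v++)
        for (size_t r = 0; r < sizeof res / sizeof res[0]; r++) {
            bool ok = kmac_may_access(vms[v], &res[r]);
            printf("vm-%c -> %-10s %s\n", "ab"[v], res[r].name, ok ? "allow" : "deny");
            if (!ok) denied++;   /* each VM is refused the other VM's two resources */
        }
    return denied;
}

int main(void)
{
    struct acl acl;
    const struct sec_label user = { 2, 0x3 }, low_doc = { 1, 0x1 };
    memset(&acl, 0, sizeof acl);
    acl_grant(&acl, 0, 1, ACC_READ);
    printf("read-down with ACL: %s\n",
           blp_may_access(&user, 0, &low_doc, 1, ACC_READ, &acl) ? "allow" : "deny");
    printf("write-down:         %s\n",
           blp_may_access(&user, 0, &low_doc, 1, ACC_WRITE, &acl) ? "allow" : "deny");
    return kmac_scenario() == 4 ? 0 : 1;
}
```

The point worth noticing is that the two mechanisms are not the same check: the BLP rule lets a subject read down and write up across different labels once the ACL agrees, whereas the KMAC hook for disk images and shared memory is strictly equality-based, so a higher-labelled VM is not allowed to read a lower-labelled VM's image even though BLP alone would permit it.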
The experiments demonstrate that VMs on state-of-the-art multi-core processor based systems scale as well as multiple threads on a native SMP kernel for CPU- and memory-intensive workloads. For a network I/O intensive TCP message workload, intra-VM communication has lower overhead than multiple threads when the VMs are pinned to specific cores. However, VM scalability is severely limited for such workloads when the communication is across VMs on a single host, because the traffic passes through virtual bridges. To measure network I/O performance scalability across two physical hosts, over both a local and a wide area network, the VM pairs communicate in parallel: all sender ends run on VMs of the first physical host and all receiver ends run on the second physical host, and the total throughput is the sum of the throughputs of the individual VMs. For interactions between VMs on multiple hosts there are thus two scenarios: (1) multiple hosts connected through a LAN; and (2) multiple hosts connected through a WAN. For the CPU-bound workloads, virtualization provides isolation without compromising the linear CPU throughput scalability; this is expected, as each processor core is utilized independently of the others.