Sas Mihindu
Providing security for virtual datacentres
Mihindu, Sas
Authors
Abstract
This paper provides technique for realising integrity and isolation in virtual systems. This is achieved by supporting a logical cages model, in particular for virtualised datacentres, based on a concept called Trusted Virtual Domains or TVDs. Based on previous work, paper describes a security management framework that helps to realise the abstraction of TVDs by guaranteeing reliable isolation and flow control between domain boundaries. The proposed framework employs networking and storage virtualisation technologies as well as Trusted Computing for policy verification. The main contributions are (1) combining these technologies to realise TVDs and (2) orchestrating them through a management framework that automatically enforces isolation among different zones. In particular, this solution aims at automating the verification, instantiation and deployment of the appropriate security mechanisms and virtualisation technologies based on an input security model, which specifies the required level of isolation and permitted information flows.
Citation
Mihindu, S. (2010, March). Providing security for virtual datacentres. Presented at UKUUG's annual Large Installation Systems Administration (LISA) conference, Manchester, England
Presentation Conference Type | Speech |
---|---|
Conference Name | UKUUG's annual Large Installation Systems Administration (LISA) conference |
Conference Location | Manchester, England |
Start Date | Mar 23, 2010 |
End Date | Mar 25, 2010 |
Publication Date | Mar 23, 2010 |
Deposit Date | Oct 13, 2010 |
Publicly Available Date | Apr 5, 2016 |
Publisher URL | http://spring2010.ukuug.org/ |
Additional Information | Corporate Creators : UK's Unix & Open Systems User Group Event Type : Conference Funders : UK's Unix & Open Systems User Group (UKUUG) |
Files
sas_mihindu_ukuug10ap.pdf
(230 Kb)
PDF
Version
Technical discussion - paper