AK
Uploaded byAli Fraz Khan
PPTX, PDF47 views

virtualization.pptx

Virtualization allows multiple operating systems to run on a single physical system by sharing hardware resources. It is used to improve efficiency and reduce costs. A virtual machine (VM) isolates a guest operating system and applications. The hypervisor controls host resources and allocates them to VMs. Benefits include resource sharing, isolation, hardware independence, and portability. Cloud computing takes virtualization further by offering on-demand resources over the internet. Security challenges include the large trusted computing base of the hypervisor. Solutions aim to reduce the TCB by removing the hypervisor or isolating its functions in hardware and management software.

Embed presentation

Download to read offline
Virtualization and Cloud Computing
Definition • Virtualization is the ability to run multiple operating systems on a single physical system and share the underlying hardware resources* • It is the process by which one computer hosts the appearance of many computers. • Virtualization is used to improve IT throughput and costs by using physical resources as a pool from which virtual resources can be allocated. *VMWare white paper, Virtualization Overview
Virtualization Architecture •A Virtual machine (VM) is an isolated runtime environment (guest OS and applications) •Multiple virtual systems (VMs) can run on a single physical system
Hypervisor • A hypervisor, a.k.a. a virtual machine manager/monitor (VMM), or virtualization manager, is a program that allows multiple operating systems to share a single hardware host. • Each guest operating system appears to have the host's processor, memory, and other resources all to itself. However, the hypervisor is actually controlling the host processor and resources, allocating what is needed to each operating system in turn and making sure that the guest operating systems (called virtual machines) cannot disrupt each other.
Benefits of Virtualization • Sharing of resources helps cost reduction • Isolation: Virtual machines are isolated from each other as if they are physically separated • Encapsulation: Virtual machines encapsulate a complete computing environment • Hardware Independence: Virtual machines run independently of underlying hardware • Portability: Virtual machines can be migrated between different hosts.
Virtualization in Cloud Computing Cloud computing takes virtualization one step further: • You don’t need to own the hardware • Resources are rented as needed from a cloud • Various providers allow creating virtual servers: – Choose the OS and software each instance will have – The chosen OS will run on a large server farm – Can instantiate more virtual servers or shut down existing ones within minutes • You get billed only for what you used
Virtualization Security Challenges The trusted computing base (TCB) of a virtual machine is too large. • TCB: A small amount of software and hardware that security depends on and that we distinguish from a much larger amount that can misbehave without affecting security* • Smaller TCB  more security *Lampson et al., “Authentication in distributed systems: Theory and practice,” ACM TCS 1992
Xen Virtualization Architecture and the Threat Model • Management VM – Dom0 • Guest VM – Dom • Dom0 may be malicious – Vulnerabilities – Device drivers – Careless/malicious administration • Dom0 is in the TCB of DomU because it can access the memory of DomU, which may cause information leakage/modification
Virtualization Security Requirements • Scenario: A client uses the service of a cloud computing company to build a remote VM – A secure network interface – A secure secondary storage – A secure run-time environment • Build, save, restore, destroy
Virtualization Security Requirements • A secure run-time environment is the most fundamental – The first two problems already have solutions: • Network interface: Transport layer security (TLS) • Secondary storage: Network file system (NFS) – The security mechanism in the first two rely on a secure run-time environment • All the cryptographic algorithms and security protocols reside in the run-time environment
Smaller TCB Solution Smaller TCB Actual TCB *Secure Virtual Machine Execution under an Untrusted Management OS. C. Li, A. Raghunathan, N.K. Jha. IEEE CLOUD, 2010.
Domain building • Building process
Domain save/restore
Hypervisor Vulnerabilities Malicious software can run on the same server: – Attack hypervisor – Access/Obstruct other VMs 14 Physical Hardware Hypervisor OS OS Apps Apps Guest VM1 Guest VM2 servers
NoHype* • NoHype removes the hypervisor – There’s nothing to attack – Complete systems solution – Still retains the needs of a virtualized cloud infrastructure 15 Physical Hardware OS OS Apps Apps Guest VM1 Guest VM2 No hypervisor *NoHype: Virtualized Cloud Infrastructure without the Virtualization. E. Keller, J. Szefer, J. Rexford, R. Lee. ISCA 2010.
Roles of the Hypervisor • Isolating/Emulating resources – CPU: Scheduling virtual machines – Memory: Managing memory – I/O: Emulating I/O devices • Networking • Managing virtual machines Push to HW / Pre-allocation Remove Push to side
Removing the Hypervisor • Scheduling virtual machines – One VM per core • Managing memory – Pre-allocate memory with processor support • Emulating I/O devices – Direct access to virtualized devices • Networking – Utilize hardware Ethernet switches • Managing virtual machines – Decouple the management from operation
References • http://www.vmware.com/pdf/virtualization.pdf • NoHype: Virtualized Cloud Infrastructure without the Virtualization. E. Keller, J. Szefer, J. Rexford, R. Lee. ISCA 2010. • Secure Virtual Machine Execution under an Untrusted Management OS. C. Li, A. Raghunathan, N.K. Jha. IEEE CLOUD, 2010. • An Introduction to Virtualization and Cloud Technologies to Support Grid Computing. I.M. Lorente. EGEE08.

More Related Content

PPTX
virtualization123 file that is good for study
byellec281
 
PPTX
unit-2.pptx
bysujatha629799
 
PPTX
Virtualization
bypreethipreethi35
 
PPTX
virtualization-220403085202_Chapter1.pptx
byXanGwaps
 
PPTX
Cloud computing 3 cloud and virtualisation
byVaibhav Khanna
 
PPTX
Cloud Computing vs Virtualization From Desktop to Server
byFadly Rizal Ahmad Fadzil
 
PPTX
week 3 cloud computing northumbria foudation
byMarufFarhanRigan1
 
PDF
Virtualisation and Related Concepts in Cloud Computing.pdf
byAmol Gaikwad
 
virtualization123 file that is good for study
byellec281
 
unit-2.pptx
bysujatha629799
 
Virtualization
bypreethipreethi35
 
virtualization-220403085202_Chapter1.pptx
byXanGwaps
 
Cloud computing 3 cloud and virtualisation
byVaibhav Khanna
 
Cloud Computing vs Virtualization From Desktop to Server
byFadly Rizal Ahmad Fadzil
 
week 3 cloud computing northumbria foudation
byMarufFarhanRigan1
 
Virtualisation and Related Concepts in Cloud Computing.pdf
byAmol Gaikwad
 

Similar to virtualization.pptx

PPTX
SPPU_TE_COMPUTER_CLOUD_COMPUTING_unit 3.pptx
byericmyer1
 
PPTX
sppu_TE_Comp_Cloud_computing_unit 3_cc.pptx
byericmyer1
 
PPTX
Cloud.pptx
byAjit Wadhawan
 
PDF
Cloud Computing and Virtualization
byMahbub Noor Bappy
 
PDF
Sneak peak of Cloud Computing
byJamie Shoup
 
PDF
111111111111111111111FinalPresentation.pdf
byNilKanth2
 
PPTX
Virtualization_IoT_Cloud_Presentation_ .pptx
byaubreyubuntu
 
PPTX
Virtualization- Cloud Computing
byNIKHILKUMAR SHARDOOR
 
PPTX
CSF349 Module-2 Topic-1 (virtualization).pptx
bypradeepRawat740305
 
PPT
Cloud Computing using virtulization
byAJIT NEGI
 
PPTX
VIRTUALIZATION for computer science.pptx
byKelvinBakespear
 
PPTX
6-Virtualizaiton-6.pptx
byAnsarHasas1
 
PDF
Cloud_Lect03 TRIEN KHAI CÁC DICH VỤ TREN DAM MAY
byhoangdinhhanh88
 
PPTX
Virtualization unit 3.pptx
byBinod Rimal
 
PPTX
isca10 virtual cloud infrastructure without virtualization
bySuriaRao2
 
PPTX
virtual-machine-ppt 18030 cloud computing.pptx
byZarwashgulrez
 
PPTX
Cloud reference model session3
byDr. Ramkumar Lakshminarayanan
 
PDF
Intro to virtualization
byKalpna Saharan
 
PPTX
cc.pptx
bySwethaKr3
 
PPTX
Virtualization in cloud computing
byMohammad Ilyas Malik
 
SPPU_TE_COMPUTER_CLOUD_COMPUTING_unit 3.pptx
byericmyer1
 
sppu_TE_Comp_Cloud_computing_unit 3_cc.pptx
byericmyer1
 
Cloud.pptx
byAjit Wadhawan
 
Cloud Computing and Virtualization
byMahbub Noor Bappy
 
Sneak peak of Cloud Computing
byJamie Shoup
 
111111111111111111111FinalPresentation.pdf
byNilKanth2
 
Virtualization_IoT_Cloud_Presentation_ .pptx
byaubreyubuntu
 
Virtualization- Cloud Computing
byNIKHILKUMAR SHARDOOR
 
CSF349 Module-2 Topic-1 (virtualization).pptx
bypradeepRawat740305
 
Cloud Computing using virtulization
byAJIT NEGI
 
VIRTUALIZATION for computer science.pptx
byKelvinBakespear
 
6-Virtualizaiton-6.pptx
byAnsarHasas1
 
Cloud_Lect03 TRIEN KHAI CÁC DICH VỤ TREN DAM MAY
byhoangdinhhanh88
 
Virtualization unit 3.pptx
byBinod Rimal
 
isca10 virtual cloud infrastructure without virtualization
bySuriaRao2
 
virtual-machine-ppt 18030 cloud computing.pptx
byZarwashgulrez
 
Cloud reference model session3
byDr. Ramkumar Lakshminarayanan
 
Intro to virtualization
byKalpna Saharan
 
cc.pptx
bySwethaKr3
 
Virtualization in cloud computing
byMohammad Ilyas Malik
 

Recently uploaded

PPTX
"Aristotle : Father Of Western Philosophy"
bymitalbarathod28
 
PPTX
Appreciations - Jan 26 01.pptxkkkmmkmkmkmkm
bypreetheshparmar
 
PPTX
The night at deoli - Ruskin bond's story of first love
byrajibhammar4
 
PPTX
" Jaya : Silence as Resistance " - That long silence
bydharabhandari35
 
PPTX
How to Create & Configure Rewards in Odoo 18 Referrals
byCeline George
 
PPTX
How to Track Team Performance Analysis in Odoo 18 Recruitment
byCeline George
 
PDF
West Hatch High School - GCSE French Specification
byWestHatch
 
PPTX
Guidelines for reporting social networks and personal networks data
byisidromj
 
PDF
Radio Ceylon Finals (An Indian Subcontinent Quiz).pdf
byConquiztadors- the Quiz Society of Sri Venkateswara College
 
PDF
Chapter 05 Drug Acting on CNS General Anasthetics.pdf
bySandeshSul
 
PDF
APPSC APPSC Forest Draughtsman GS Question paper.pdf
byssuser9d8e4e
 
PDF
Schrodinger's Capital Finals (SciBiz Quiz).pdf
byConquiztadors- the Quiz Society of Sri Venkateswara College
 
PPTX
Mohan - "A man of silence and authority"
bynidhibachauhan46
 
PPTX
literary theory and criticism by Vivek p
byvivekrathodborda
 
PPTX
How Physician Assistants in the USA Earn CME Credits Online.pptx
byCME4Life
 
PPTX
Definition of communication skills and it's process.
bypurvrajsinhsarvaiya0
 
PPTX
MEMORY &FORGETTING. Shilpa Hotakar.Psychology pptx
bySHILPA HOTAKAR
 
PDF
Information about the author Shashi Deshpande
bydarshanaparmar6522
 
PPTX
Toba Tek Singh - Visualising Partition through Manto's Lens
bymiraljoshi48
 
PDF
Bishan_Singh_Presentation - Toba tek Singh
bygopalsinhchauhan9313
 
"Aristotle : Father Of Western Philosophy"
bymitalbarathod28
 
Appreciations - Jan 26 01.pptxkkkmmkmkmkmkm
bypreetheshparmar
 
The night at deoli - Ruskin bond's story of first love
byrajibhammar4
 
" Jaya : Silence as Resistance " - That long silence
bydharabhandari35
 
How to Create & Configure Rewards in Odoo 18 Referrals
byCeline George
 
How to Track Team Performance Analysis in Odoo 18 Recruitment
byCeline George
 
West Hatch High School - GCSE French Specification
byWestHatch
 
Guidelines for reporting social networks and personal networks data
byisidromj
 
Radio Ceylon Finals (An Indian Subcontinent Quiz).pdf
byConquiztadors- the Quiz Society of Sri Venkateswara College
 
Chapter 05 Drug Acting on CNS General Anasthetics.pdf
bySandeshSul
 
APPSC APPSC Forest Draughtsman GS Question paper.pdf
byssuser9d8e4e
 
Schrodinger's Capital Finals (SciBiz Quiz).pdf
byConquiztadors- the Quiz Society of Sri Venkateswara College
 
Mohan - "A man of silence and authority"
bynidhibachauhan46
 
literary theory and criticism by Vivek p
byvivekrathodborda
 
How Physician Assistants in the USA Earn CME Credits Online.pptx
byCME4Life
 
Definition of communication skills and it's process.
bypurvrajsinhsarvaiya0
 
MEMORY &FORGETTING. Shilpa Hotakar.Psychology pptx
bySHILPA HOTAKAR
 
Information about the author Shashi Deshpande
bydarshanaparmar6522
 
Toba Tek Singh - Visualising Partition through Manto's Lens
bymiraljoshi48
 
Bishan_Singh_Presentation - Toba tek Singh
bygopalsinhchauhan9313
 

virtualization.pptx

  • 1.
  • 2.
    Definition • Virtualization isthe ability to run multiple operating systems on a single physical system and share the underlying hardware resources* • It is the process by which one computer hosts the appearance of many computers. • Virtualization is used to improve IT throughput and costs by using physical resources as a pool from which virtual resources can be allocated. *VMWare white paper, Virtualization Overview
  • 3.
    Virtualization Architecture •A Virtualmachine (VM) is an isolated runtime environment (guest OS and applications) •Multiple virtual systems (VMs) can run on a single physical system
  • 4.
    Hypervisor • A hypervisor,a.k.a. a virtual machine manager/monitor (VMM), or virtualization manager, is a program that allows multiple operating systems to share a single hardware host. • Each guest operating system appears to have the host's processor, memory, and other resources all to itself. However, the hypervisor is actually controlling the host processor and resources, allocating what is needed to each operating system in turn and making sure that the guest operating systems (called virtual machines) cannot disrupt each other.
  • 5.
    Benefits of Virtualization •Sharing of resources helps cost reduction • Isolation: Virtual machines are isolated from each other as if they are physically separated • Encapsulation: Virtual machines encapsulate a complete computing environment • Hardware Independence: Virtual machines run independently of underlying hardware • Portability: Virtual machines can be migrated between different hosts.
  • 6.
    Virtualization in CloudComputing Cloud computing takes virtualization one step further: • You don’t need to own the hardware • Resources are rented as needed from a cloud • Various providers allow creating virtual servers: – Choose the OS and software each instance will have – The chosen OS will run on a large server farm – Can instantiate more virtual servers or shut down existing ones within minutes • You get billed only for what you used
  • 7.
    Virtualization Security Challenges Thetrusted computing base (TCB) of a virtual machine is too large. • TCB: A small amount of software and hardware that security depends on and that we distinguish from a much larger amount that can misbehave without affecting security* • Smaller TCB  more security *Lampson et al., “Authentication in distributed systems: Theory and practice,” ACM TCS 1992
  • 8.
    Xen Virtualization Architectureand the Threat Model • Management VM – Dom0 • Guest VM – Dom • Dom0 may be malicious – Vulnerabilities – Device drivers – Careless/malicious administration • Dom0 is in the TCB of DomU because it can access the memory of DomU, which may cause information leakage/modification
  • 9.
    Virtualization Security Requirements •Scenario: A client uses the service of a cloud computing company to build a remote VM – A secure network interface – A secure secondary storage – A secure run-time environment • Build, save, restore, destroy
  • 10.
    Virtualization Security Requirements •A secure run-time environment is the most fundamental – The first two problems already have solutions: • Network interface: Transport layer security (TLS) • Secondary storage: Network file system (NFS) – The security mechanism in the first two rely on a secure run-time environment • All the cryptographic algorithms and security protocols reside in the run-time environment
  • 11.
    Smaller TCB Solution SmallerTCB Actual TCB *Secure Virtual Machine Execution under an Untrusted Management OS. C. Li, A. Raghunathan, N.K. Jha. IEEE CLOUD, 2010.
  • 12.
  • 13.
  • 14.
    Hypervisor Vulnerabilities Malicious softwarecan run on the same server: – Attack hypervisor – Access/Obstruct other VMs 14 Physical Hardware Hypervisor OS OS Apps Apps Guest VM1 Guest VM2 servers
  • 15.
    NoHype* • NoHype removesthe hypervisor – There’s nothing to attack – Complete systems solution – Still retains the needs of a virtualized cloud infrastructure 15 Physical Hardware OS OS Apps Apps Guest VM1 Guest VM2 No hypervisor *NoHype: Virtualized Cloud Infrastructure without the Virtualization. E. Keller, J. Szefer, J. Rexford, R. Lee. ISCA 2010.
  • 16.
    Roles of theHypervisor • Isolating/Emulating resources – CPU: Scheduling virtual machines – Memory: Managing memory – I/O: Emulating I/O devices • Networking • Managing virtual machines Push to HW / Pre-allocation Remove Push to side
  • 17.
    Removing the Hypervisor •Scheduling virtual machines – One VM per core • Managing memory – Pre-allocate memory with processor support • Emulating I/O devices – Direct access to virtualized devices • Networking – Utilize hardware Ethernet switches • Managing virtual machines – Decouple the management from operation
  • 18.
    References • http://www.vmware.com/pdf/virtualization.pdf • NoHype:Virtualized Cloud Infrastructure without the Virtualization. E. Keller, J. Szefer, J. Rexford, R. Lee. ISCA 2010. • Secure Virtual Machine Execution under an Untrusted Management OS. C. Li, A. Raghunathan, N.K. Jha. IEEE CLOUD, 2010. • An Introduction to Virtualization and Cloud Technologies to Support Grid Computing. I.M. Lorente. EGEE08.