GOHEL VISHAL
LECTURER OF COMPUTER DEPT.
GPBHUJ
MO:9638893297
“Improvement of virtual network
communication security of trusted
launch of virtual machine in public
IAAS environment”
Contents
• Introduction
• Literature Review (In Detail)
• Research Findings
• Research Objective
• Work Plan/Simulation tools used
• Problem Formulation (if any)
• Proposed Methodology/Algorithm(if any)
• Expected Outcome
• Conclusion
• Publication
• Bibliography
Introduction Of Cloud Computing
• What is Cloud Computing?
• Until recently, computing meant a program that ran on a desktop or laptop
computer on your desk, or a server in your lab. Or, using the internet, you could use
a program that was running on a server somewhere else in the world. But it was
always a specific piece of hardware in a specific location that was running the
program.
• In the context of cloud computing, cloud refers to the internet. Cloud
computing then means that the computing is happening somewhere in the cloud. You
don't know where the computing is happening; most of the time, you can't know
where it is happening (since it can keep moving around); and the most important
factor is that you don't care.
Types of Cloud Service
• Software As A Service
Software as a service (SaaS) is the model in which an application is hosted as a
service to customers who access it via the internet. When the software is hosted
off-site, the customer doesn't have to maintain it or support it. On the other hand, it is
out of the customer's hands when the hosting service decides to change it. The
idea is that you use the software out of the box as is and do not need to make a lot
of changes or require integration to other systems.
• Hardware As A Service
Hardware as a service (HaaS) is the next form of service available in cloud
computing. Where SaaS and PaaS are providing applications to customers, HaaS
doesn't. It simply offers the hardware so that your organization can put whatever
they want onto it.
• Platform As A Service
Following on the heels of SaaS, platform as a service (PaaS) is another application
delivery model. PaaS supplies all the resources required to build applications and
services completely from the internet, without having to download or install
software.
Introduction of IaaS
• Infrastructure as a Service is a provision model in which an organization
outsources the equipment used to support operations, including storage,
hardware, servers and networking components. The service provider owns the
equipment and is responsible for housing, running and maintaining it. The
client typically pays on a per-use basis.
• IaaS is one of three main categories of cloud computing service. The other two
are Software as a Service (SaaS) and Platform as a Service (PaaS).
Infrastructure as a Service is sometimes referred to as Hardware as a Service
(HaaS).
• Characteristics and components of IaaS include:
• Utility computing service and billing model.
• Automation of administrative tasks.
• Dynamic scaling.
• Desktop virtualization.
• Policy-based services.
• Internet connectivity.
Literature Review-1
• Trusted Launch of Virtual Machine Instances in Public
IaaS Environments - Nicolae Paladi, Christian Gehrmann,
Mudassar Aslam, and Fredric Morenius - 2011 [1]
– Problem statement
Ensure that no modifications or customizations of the VM image to be
launched are performed by the IaaS provider without the client's
knowledge.
– Main contribution
• 1. Description of a trusted launch protocol for VM instances in public IaaS
environments.
• 2. Implementation of the proposed protocol based on a widely-known IaaS
platform.
Literature Review-1(continue)
– Methodology/Platform
OpenStack IaaS platform
– Simulation parameter
Trusted VM launch protocol
Conclusion
Trusted computing offers capabilities to securely perform data manipulations on
remote hardware owned and maintained by another party by potentially
preventing the use of untrusted software on that hardware for such
manipulations.
Future work
First is the extension of the trust chain to other operations on VM instances
(migration, suspension, updates, etc.), as well as data storage and virtual
network communications security. The second category includes addressing
certain assumptions of the proposed launch protocol. The third category
focuses on the design and implementation of the evaluation policies of the
TTP.
Literature Review-2
• Trusted Launch of Generic Virtual Machine Images in Public IaaS
Environments - Nicolae Paladi, Christian Gehrmann, Mudassar
Aslam, and Fredric Morenius - 2011 [2]
– Problem statement
Ensure that no modifications or customizations of the VM image to be launched are
performed by the IaaS provider without the client's knowledge.
– Main contribution
• 1. Introduction of the concept of generic virtual machine images in the context
of IaaS security.
• 2. Description of a trusted launch protocol for generic VM images in IaaS
environments.
• 3. Implementation of the proposed protocol based on a widely-known IaaS
platform.
Literature Review-2(continue)
– Methodology/Platform
OpenStack IaaS platform
– Simulation parameter
Trusted GVM image launch protocol
Conclusion
Trusted computing offers capabilities to securely perform data manipulations on
remote hardware owned and maintained by another party by potentially
preventing the use of untrusted software on that hardware for such
manipulations.
Future work
First is the extension of the trust chain to other operations on VM instances
(migration, suspension, updates, etc.), as well as data storage and virtual
network communications security. The second category includes addressing
certain assumptions of the proposed launch protocol. The third category
focuses on the design and implementation of the evaluation policies of the
TTP.
Literature Review-3
Research Objective
• The Objectives of my dissertation work are
• Improvement of Virtual network communication
security in IaaS services.
• Provide more secure cloud computing environment.
• Provide secure run-time virtual environment using
Xen virtualization system.
• Secure Virtual Machine Execution under an Untrusted
Management OS.
Simulation tools used
• Xen Hypervisor
• The XEN (originally called XENoServers) project is funded by the Engineering
and Physical Sciences Research Council of the UK (UK-EPSRC) at
the University of Cambridge. The XENoServers project is led by Ian
Pratt, a Senior Lecturer at the University of Cambridge Computer
Laboratory, Fellow of King's College Cambridge, and a leader of the
Systems Research Group at the University of Cambridge. The aim of
the XENoServers project is to develop a powerful, flexible
infrastructure for global distributed computing. A key element of the
XENoServers project is the ability to enable single machines to run
different, or multiple, operating system instances and their associated
applications in isolated, protected environments. These operating
system instances can then separately account for resource use and
provide unique system accounting and auditing information.
Problem Formulation
“Improvement of virtual network communication security of
trusted launch of virtual machine in public IAAS
environment”
• Proposed research work
• I proposed a virtualization architecture to ensure a secure VM execution environment
under an untrusted management OS, and a comparison between an untrusted and a trusted
management OS. The mechanism includes a secure network interface, secure
secondary storage and most importantly, a secure run-time execution environment.
• I want to implement the secure run-time environment in the Xen virtualization system,
and also to identify which hypervisor is more convenient for trusted virtual
network communication security.
• I want to demonstrate how it can be used to facilitate secure remote computing
services.
• I believe that using the proposed secure virtualization architecture, even under an
untrusted management OS, a trusted computing environment can be created for a VM
which needs a high security level, with very small performance penalties.
Proposed Methodology/Algorithm
• 1. Trusted VM launch protocol.
• 2. OpenStack IaaS platform.
• 3. Secure virtual machine and untrusted OS.
Work Plan
| Sr. No. | Work | Time | Outcome |
|---|---|---|---|
| 1 | Module 1 (Introduction of cloud computing) | --- | Detailed understanding of cloud computing |
| 2 | Module 2 (Detailed services of cloud computing) | --- | Different service-related issues |
| 3 | Module 3 (Detailed study of IaaS) | --- | Detailed IaaS-related issues |
| 4 | Literature survey about IaaS services | --- | Concept is clear about IaaS services |
| 5 | Find final definition | --- | Clear final definition |
| 6 | Propose design | --- | Prototype module |
| 7 | Implementation of proposed design using simulator | --- | |
| 8 | Testing of work done | --- | |
| 9 | Performance study and comparison | --- | |
| 10 | Plot improvement graph and chart | --- | |
Expected Outcome
• Secure network interface.
• Secure run-time environment in the Xen
virtualization system and comparison to the
other hypervisor.
• Secure remote computing services.
Conclusion
• The mechanism includes a secure network interface, secure
secondary storage and most importantly, a secure run-time
execution environment. We have implemented the secure run-
time environment in the Xen virtualization system. I believe
that using the proposed secure virtualization architecture, even
under an untrusted management OS, a trusted computing
environment can be created for a VM which needs a high
security level, with very small performance penalties.
References
1. Nicolae Paladi, Christian Gehrmann, Mudassar Aslam,
and Fredric Morenius. “Trusted Launch of Virtual Machine
Instances in Public IaaS Environments” October 2011,
AFCEA cyber communit.
2. Nicolae Paladi, Christian Gehrmann, Mudassar Aslam,
and Fredric Morenius. “Trusted Launch of Virtual Machine
Instances in Public IaaS Environments” October 2011,
AFCEA cyber communit
3. Chunxiao Li, Anand Raghunathan, Niraj K. Jha “Secure
Virtual Machine Execution under an Untrusted Management
OS”(2010).
Bibliography
• http://www.eucalyptus.com
• Virtualization overview, White paper, VMware
• http://www.technomenace.com/2010/11/creating-xen-virtual-machine-domu/
• http://www.cl.cam.ac.uk/research/srg/netos/xen/performance.html
• http://www.xen.org
