Two-Level Security Framework for Virtual Machine Migration In Cloud Computing

Volume 7 Issue 1 December - February 2018

Research Paper

Two-Level Security Framework for Virtual Machine Migration In Cloud Computing

Yashveer Yadav*, C. Rama Krishna**

* Ph.D. Scholar, Applied Science Department of Computer Applications, I. K. Gujral Punjab Technical University, Punjab, India,

** Professor and Head, Department of Computer Science and Engineering, NITTTR, Chandigarh, India.

Yadav, Y., & Krishna, C. R. (2018). Two-Level Security Framework for Virtual Machine Migration in Cloud Computing. i-manager’s Journal on Information Technology, 7(1), 34-44. https://doi.org/10.26634/jit.7.1.14095

Abstract

Cloud computing is a new generation utility computing. It provides the control to use computing as a utility which can be used anywhere at any time. It's highly elastic and can be grown or shrink according to user demand. The elasticity of computing power in cloud is based on the migration of virtual machine from overutilized servers to underutilized servers and vice-versa.Virtual machine migration (VMM) is used to reduce the power consumption of cloud environment that leads to green computing. In virtual Machine Migration, virtual machines are migrated from one physical server to another physical server that may lead to security threats like Replay, 'Time-of-Check' to 'Time-of-Use' (TOCTTOU), Resumption Ordering etc. Several experiments have been conducted by using KVM/QEMU(Kernel-based Virtual Machine/Quick Emulator) hypervisor. It is found that tampering of data by Man-In-The-Middle (MITM) is possible in information gathering phase and TOCTTOU can be injected. This may lead to serious security threat and can create hotspot at the destination host, which can degrade the performance of overall cloud experience. Hotspot is the situation where physical host is not able to fulfil the requested resources requirement. In this paper, a Two-level Security Framework has been proposed for protecting the VMM process from tampering of data and TOCTTOU problem. Further, the results of proposed technique have been compared with predefined RSA (Rivest–Shamir–Adleman) encryption and decryption technique in terms of time that can be used to protect the tampering of data in information gathering phase. The results indicate that this proposed technique reduces the time from 12.2 to 10.3 seconds (network size of 28 physical host) for protecting the data in information gathering phase of virtual machine migration process.