90 likes | 259 Views
Virtualization: An Overview . Brendan Lynch. Forms of virtualization . In all cases virtualization is taking a physical component and simulating the interface through multiplexing, aggregation, and/or emulation. VMs can exist at the application level as well as the hardware level.
E N D
Virtualization:An Overview Brendan Lynch
Forms of virtualization • In all cases virtualization is taking a physical component and simulating the interface through multiplexing, aggregation, and/or emulation. • VMs can exist at the application level as well as the hardware level. • Process VMs, System VMs and simply virtualized resources.
System VMs • Critical aspect of cloud computing and utility computing in general. • Pooling resources for higher utilization is a requirement of utility computing. • In a cloud this allows higher elasticity and system security
Virtual Machine Monitor - VMM • A thin middleware that manages virtual machines. • The VMM facilitates all operations between the host and guest system. • The guest system is an OS; the host system can be another OS or actual hardware or virtualized hardware.
VMM - continued • Guest Operating systems run all OS operations through the virtual hardware. • These calls are ‘trapped’ by the VMM and run on the host system. This layer of abstraction can greatly increase security. • In the case of a host OS all the VMM does is scan these instructions and send them to the host OS for scheduling. • Hardware VMMs must provide all scheduling, I/O ect.
VMM - continued • This extra layer between the host/guest incurs additional overhead. • This cost is in addition to the hardware being simulated. • Benefits include: exclusive access to declared resources, system isolation for security, easy scalability for deployment, and performance monitoring optimizations.
Security Risk • The biggest concerns associated to off-site storage are the ones we can not control: • Physical security of components • What is the level of security of the overall system? • Am I running on the hardware? • Is the host OS secure?
Security Risk cont. • VMM based threats: • Starvation: Is my VM being context swapped, what does this do too performance. • Malicious VMs can attempt to bypass resource limits • VM side-channel attacks • VM maliciously/non-maliciously flooded from other VM communications • As mentioned earlier vulnerabilities could exist at a lower level. The VM is helpless to these attacks.
Conclusions • Virtual machines and VMMs are a requirement of utility computing. • Trust must exist in the hardware/host OS owner that the system is kept secure. • Virtual machines allow high levels of hardware utilization and provide portability. • HLL level portability and OS image level portability.