- Wiley
Cloud Computing and Virtualization
The purpose of this book is first to study cloud computing concepts, security concerns in clouds and data centers, live migration and its importance for cloud computing, and the role of firewalls in domains, with particular focus on virtual machine (VM) migration and its security concerns. The book then tackles the design and implementation of the frameworks and prepares test-beds for testing and evaluating VM migration procedures as well as firewall rule migration. The book demonstrates how cloud computing can produce an effective way of network management, especially from a security perspective.
Dac-Nhuong Le obtained his PhD in computer science from Vietnam National University, Vietnam in 2015. He is Deputy-Head of Faculty of Information Technology, Haiphong University, Vietnam. His areas of research include evaluation computing and approximate algorithms, network communication, security and vulnerability, network performance analysis and simulation, cloud computing, IoT and image processing in biomedical. He has authored 4 computer science books and has multiple research articles in international journals.
Raghvendra Kumar completed his PhD in the Faculty of Engineering and Technology, Jodhpur National University, India. He has authored several research papers in Scopus indexed and impact factor research journals/international conferences as well as 6 authored and 9 edited books on computer science. His areas of interest include wireless sensor network (WSN), Internet of Things, mobile application programming, ad hoc networks, cloud computing, big data, mobile computing, data mining and software engineering.
Nguyen Gia Nhu received the PhD degree in computer science from Ha Noi University of Science, Vietnam National University, Vietnam. He is now the Vice Dean of Graduate School at Duy Tan University. He has more than 40 publications in reputed international conferences, journals and book chapter contributions. His research interests include algorithm theory, network optimization and wireless security.
Jyotir Moy Chatterjee is working as an Assistant Professor in the Department of Computer Science and Engineering at GD-RCET, Bhilai, C.G, India. He received his M.Tech from KIIT University, Bhubaneswar, Odisha and B.Tech in Computer Science & Engineering from Dr. MGR Educational & Research Institute University, Chennai (Tamil Nadu). His research interests include cloud computing, big data, privacy preservation and data mining.
List of Figures xii
List of Tables xv
Preface xvii
Acknowledgments xxiii
Acronyms xxv
Introduction xxvii
1 Live Virtual Concept in Cloud Environment 1
1.1 Live Migration 2
1.1.1 Definition of Live Migration 2
1.1.2 Techniques for Live Migration 2
1.2 Issues with Migration 4
1.2.1 Application Performance Degradation 4
1.2.2 Network Congestion 4
1.2.3 Migration Time 5
1.3 Research on Live Migration 5
1.3.1 Sequencer (CQNCR) 5
1.3.2 The COMMA System 5
1.3.3 Clique Migration 6
1.3.4 Time-Bound Migration 6
1.3.5 Measuring Migration Impact 7
1.4 Total Migration Time 7
1.4.1 VM Traffic Impact 7
1.4.2 Bin Packing 8
1.5 Graph Partitioning 8
1.5.1 Learning Automata Partitioning 9
1.5.2 Advantages of Live Migration over WAN 11
1.6 Conclusion 12
References 12
2 Live Virtual Machine Migration in Cloud 15
2.1 Introduction 16
2.1.1 Virtualization 16
2.1.2 Types of Virtual Machines 18
2.1.3 Virtual Machine Applications 18
2.2 Business Challenge 19
2.2.1 Dynamic Load Balancing 19
2.2.2 No VM Downtime During Maintenance 20
2.3 Virtual Machine Migration 20
2.3.1 Advantages of Virtualization 22
2.3.2 Components of Virtualization 22
2.3.3 Types of Virtualization 23
2.4 Virtualization System 26
2.4.1 Xen Hypervisor 26
2.4.2 KVM Hypervisor 27
2.4.3 OpenStack 30
2.4.4 Storage 31
2.4.5 Server Virtualization 33
2.5 Live Virtual Machine Migration 33
2.5.1 QEMU and KVM 34
2.5.2 Libvirt 35
2.6 Conclusion 36
References 37
3 Attacks and Policies in Cloud Computing and Live Migration 39
3.1 Introduction to Cloud Computing 40
3.2 Common Types of Attacks and Policies 42
3.2.1 Buffer Overflows 42
3.2.2 Heap Overflows 42
3.2.3 Web-Based Attacks 43
3.2.4 DNS Attacks 47
3.2.5 Layer 3 Routing Attacks 48
3.2.6 Man-in-the-Middle Attack (MITM) 49
3.3 Conclusion 50
References 50
4 Live Migration Security in Cloud 53
4.1 Cloud Security and Security Appliances 54
4.2 VMM in Clouds and Security Concerns 54
4.3 Software-Defined Networking 56
4.3.1 Firewall in Cloud and SDN 57
4.3.2 SDN and Floodlight Controllers 61
4.4 Distributed Messaging System 62
4.4.1 Approach 63
4.4.2 MigApp Design 63
4.5 Customized Testbed for Testing Migration Security in Cloud 63
4.5.1 Preliminaries 65
4.5.2 Testbed Description 66
4.6 A Case Study and Other Use Cases 67
4.6.1 Case Study: Firewall Rule Migration and Verification 68
4.6.2 Existing Security Issues in Cloud Scenarios 68
4.6.3 Authentication in Cloud 69
4.6.4 Hybrid Approaches for Security in Cloud Computing 71
4.6.5 Data Transfer Architecture in Cloud Computing 71
4.7 Conclusion 72
References 72
5 Solution for Secure Live Migration 75
5.1 Detecting and Preventing Data Migrations to the Cloud 76
5.1.1 Internal Data Migrations 76
5.1.2 Movement to the Cloud 76
5.2 Protecting Data Moving to the Cloud 76
5.3 Application Security 77
5.4 Virtualization 78
5.5 Virtual Machine Guest Hardening 79
5.6 Security as a Service 82
5.6.1 Ubiquity of Security as a Service 83
5.6.2 Advantages of Implementing Security as a Service 85
5.6.3 Identity, Entitlement, and Access Management Services 87
5.7 Conclusion 93
References 94
6 Dynamic Load Balancing Based on Live Migration 95
6.1 Introduction 96
6.2 Classification of Load Balancing Techniques 96
6.2.1 Static and Dynamic Scheduling 97
6.2.2 Load Rebalancing 97
6.3 Policy Engine 98
6.4 Load Balancing Algorithm 100
6.5 Resource Load Balancing 101
6.5.1 Server Load Metric 102
6.5.2 System Imbalance Metric 102
6.5.3 Other Key Parameters 102
6.6 Load Balancers in Virtual Infrastructure Management Software 103
6.7 VMware Distributed Resource Scheduler 103
6.7.1 OpenNebula 104
6.7.2 Scheduling Policies 105
6.8 Conclusion 105
References 105
7 Live Migration in Cloud Data Center 107
7.1 Definition of Data Center 108
7.2 Data Center Traffic Characteristics 110
7.3 Traffic Engineering for Data Centers 111
7.4 Energy Efficiency in Cloud Data Centers 113
7.5 Major Cause of Energy Waste 113
7.5.1 Lack of a Standardized Metric of Server Energy Efficiency 113
7.5.2 Energy Efficient Solutions Are Still Not Widely Adopted 114
7.6 Power Measurement and Modeling in Cloud 114
7.7 Power Measurement Techniques 114
7.7.1 Power Measurement for Servers 114
7.7.2 Power Measurement for VMs 115
7.7.3 Power and Energy Estimation Models 115
7.7.4 Power and Energy Modeling for Servers 115
7.7.5 Power Modeling for VMs 116
7.7.6 Power Modeling for VM Migration 116
7.7.7 Energy Efficiency Metrics 117
7.8 Power Saving Policies in Cloud 117
7.8.1 Dynamic Frequency and Voltage Scaling 118
7.8.2 Powering Down 118
7.8.3 Energy-Aware Consolidation 118
7.9 Conclusion 118
References 119
8 Trusted VM-vTPM Live Migration Protocol in Clouds 121
8.1 Trusted Computing 122
8.2 TPM Operations 122
8.3 TPM Applications and Extensions 123
8.4 TPM Use Cases 124
8.5 State of the Art in Public Cloud Computing Security 125
8.5.1 Cloud Management Interface 125
8.5.2 Challenges in Securing the Virtualized Environment 126
8.5.3 The Trust in TPM 127
8.5.4 Challenges 129
8.6 Launch and Migration of Virtual Machines 130
8.6.1 Trusted Virtual Machines and Virtual Machine Managers 130
8.6.2 Seeding Clouds with Trust Anchors 131
8.6.3 Securely Launching Virtual Machines on Trustworthy Platforms in a Public Cloud 131
8.7 Trusted VM Launch and Migration Protocol 132
8.8 Conclusion 134
References 134
9 Lightweight Live Migration 137
9.1 Introduction 138
9.2 VM Checkpointing 138
9.2.1 Checkpointing Virtual Cluster 139
9.2.2 VM Resumption 140
9.2.3 Migration without Hypervisor 140
9.2.4 Adaptive Live Migration to Improve Load Balancing 141
9.2.5 VM Disk Migrations 142
9.3 Enhanced VM Live Migration 143
9.4 VM Checkpointing Mechanisms 144
9.5 Lightweight Live Migration for Solo VM 145
9.5.1 Block Sharing and Hybrid Compression Support 145
9.5.2 Architecture 146
9.5.3 FGBI Execution Flow 147
9.6 Lightweight Checkpointing 148
9.6.1 High-Frequency Checkpointing Mechanism 150
9.6.2 Distributed Checkpoint Algorithm in VPC 150
9.7 Storage-Adaptive Live Migration 152
9.8 Conclusion 154
References 154
10 Virtual Machine Mobility with Self-Migration 157
10.1 Checkpoints and Mobility 158
10.2 Manual and Seamless Mobility 158
10.3 Fine- and Coarse-Grained Mobility Models 159
10.3.1 Data and Object Mobility 159
10.3.2 Process Migration 160
10.4 Migration Freeze Time 160
10.5 Device Drivers 161
10.5.1 Design Space 162
10.5.2 In-Kernel Device Drivers 162
10.5.3 Use of VMs for Driver Isolation 164
10.5.4 Context Switching Overhead 164
10.5.5 Restarting Device Drivers 165
10.5.6 External Device State 165
10.5.7 Type Safe Languages 166
10.5.8 Software Fault Isolation 166
10.6 Self-Migration 167
10.6.1 Hosted Migration 167
10.6.2 Self-Migration Prerequisites 169
10.7 Conclusion 170
References 170
11 Different Approaches for Live Migration 173
11.1 Virtualization 174
11.1.1 Hardware-Assisted Virtualization 174
11.1.2 Horizontal Scaling 175
11.1.3 Vertical Scaling 175
11.2 Types of Live Migration 176
11.2.1 Cold Migration 176
11.2.2 Suspend/Resume Migration 176
11.2.3 Live VM Migration 176
11.3 Live VM Migration Types 177
11.3.1 Pre-Copy Live Migration 177
11.3.2 Post-copy Live Migration 178
11.3.3 Hybrid Live Migration 178
11.4 Hybrid Live Migration 179
11.4.1 Hybrid Approach for Live Migration 179
11.4.2 Basic Hybrid Migration Algorithm 180
11.5 Reliable Hybrid Live Migration 180
11.5.1 Push Phase 181
11.5.2 Stop-and-Copy Phase 181
11.5.3 Pull Phase 181
11.5.4 Network Buffering 181
11.6 Conclusion 181
References 182
12 Migrating Security Policies in Cloud 183
12.1 Cloud Computing 184
12.2 Firewalls in Cloud and SDN 187
12.3 Distributed Messaging System 191
12.4 Migration Security in Cloud 192
12.5 Conclusion 194
References 194
13 Case Study 195
13.1 Kernel-Based Virtual Machine 196
13.2 Xen 196
13.3 Secure Data Analysis in GIS 196
13.3.1 Database 197
13.3.2 Data Mining and Techniques 197
13.3.3 Distributed Database 197
13.3.4 Spatial Data Mining 198
13.3.5 Secure Multi-Party Computation 198
13.3.6 Association Rule Mining Problem 198
13.3.7 Distributed Association Ruling 199
13.3.8 Data Analysis in GIS System
13.4 Emergence of Green Computing in Modern Computing Environment 200
13.5 Green Computing 203
13.6 Conclusion 204
References 205