By Topic

Multi-layered Virtual Machines for Security Updates in Grid Environments

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Schwarzkopf, R. ; Dept. of Math. & Comput. Sci., Univ. of Marburg, Marburg, Germany ; Schmidt, M. ; Fallenbeck, N. ; Freisleben, B.

The use of user specific virtual machines (VMs) in Grid and Cloud computing reduces the administration overhead associated with manually installing required software for every user on every computational resource. However, a large number of user specific VMs increases the risk of security attacks. In particular, Cloud computing providers like Amazon suffer from these problems, since they offer different operating systems within VMs and delegate the security update problem for VMs to the users. In this paper, a solution that solves the problem by separating a VM into several layers is presented. The approach creates the possibility of installing security updates into a base layer centrally, affecting all VMs without affecting the users' own installed software stack by merging package databases. The proposal permits resource providers to keep a large number of VMs patched with the latest security fixes without bothering the users. Furthermore, the proposal avoids the overhead for transferring possible large VM images over the network between the nodes of a Grid or Cloud by allowing to hold locally cached VM images with a basic operating system installation while only the user-specific software stack stored in a separate layer needs to be transferred.

Published in:

Software Engineering and Advanced Applications, 2009. SEAA '09. 35th Euromicro Conference on

Date of Conference:

27-29 Aug. 2009