Secure Migration of Virtual Machine (SV2M) in Cloud Federation using Enhanced Key Management

Abstract

Virtual Machine (VM) migration is one of the core features of Cloud, which is mainly used for high availability, workload balancing, hardware maintenance and fault takeover. It is used by private Cloud Service Providers (CSPs) for the migration of VM on the public Cloud when the demand for computa- tional resources increases. However, VM migration has severe security issues and it is prone to active and passive attacks. By exploiting the vulnerabil- ities of the migration process, attacker can launch attacks on availability, integrity and con dentiality of the VM data by illegally accessing or adding malicious code to VM images. Therefore, CSPs are reluctant to use this im- portant feature, especially when the VM contains sensitive data. Previously, security aspects in the VM migration process were not completely explored; therefore, this paper proposes a comprehensive system for secure migration of VM in the Cloud environment which provides security features such as authorization, con dentiality, replay protection, integrity, mutual authenti- cation and source non-repudiation with negligible modi cations in existing infrastructure. We have carried out a thorough security requirement analysis of the VM migration process. We have enhanced the key manager of Cloud provider which now o ers new features for the management and storage of keys involved in the SV2M solution. In addition, we have also incorporated the SV2M in a widely-used open source Cloud platform, and have evaluated the SV2M system with respect to performance and security.