CN103645949A - Virtual machine dynamic migration security framework - Google Patents


Info

Publication number: CN103645949A
Authority: CN (China)
Prior art keywords: migration, virtual machine, strategy, security, engine
Legal status: Withdrawn
Application number: CN201310671771.9A
Other languages: Chinese (zh)
Inventor: 李清玉
Current Assignee: Inspur Electronic Information Industry Co Ltd
Original Assignee: Inspur Electronic Information Industry Co Ltd

Abstract

The invention relates to the technical field of computer information security, and in particular to a virtual machine dynamic migration security framework. The framework consists of a centralized control engine and a local migration engine. Under the control of a security policy, the centralized control engine provides mutual identity authentication, access control, and security auditing, and monitors the resource usage of physical servers and virtual machines in real time, providing the resource basis for virtual machine dynamic migration. Under the control of the security policy, the local migration engine completes the dynamic migration of a virtual machine in stages according to the configured migration strategy. The framework supports multiple security mechanisms and multiple dynamic migration strategies, effectively protects the sensitive information of virtual machines, defends against security attacks on virtual machine dynamic migration, and achieves high compatibility.

Description

A virtual machine dynamic migration security framework
Technical field
The present invention relates to the technical field of computer information security, and in particular to a virtual machine dynamic migration security framework.
Background
With the development of virtualization technology, many new technologies have emerged. Virtual machine dynamic migration is unique to virtualization and is one of its most important technologies. Dynamic migration means moving a running virtual machine from one virtualization platform server to another while it continues to provide service. It migrates the running state of a virtual machine between physical machines quickly and transparently over the network, and is widely used in large-scale virtualized environments for dynamic load adjustment, online system maintenance, proactive fault tolerance, flexible application deployment, resource optimization, and power management.
At present, several major virtualization platform vendors, such as Citrix, VMware, and Microsoft, have each proposed their own virtual machine dynamic migration technology. However, existing dynamic migration technologies and products carry serious security risks, and some security vulnerabilities have already been exposed; implementations give little or no consideration to the security of dynamic migration. The industry has recognized the importance of dynamic migration security and has studied it in depth. Security threats and attacks against virtual machine dynamic migration fall into three main classes:
(1) Control plane
The communication mechanism that the virtual machine monitor (VMM) uses to start and manage dynamic migration must be authenticated and resistant to attack. In addition, the protocols used in the control plane must be protected against spoofing and replay attacks. Without correct access control, an attacker can start virtual machine migrations at will. An attacker may manipulate the VMM's control plane to influence dynamic migration and gain control of the guest operating system. Attacks against the control plane include incoming migration control, outgoing migration control, and false resource advertising.
(2) Data plane
The data plane over which the migration is carried must be secured and protected against snooping on and tampering with guest operating system state. Passive attacks against the data plane can leak sensitive information in the guest operating system, and active attacks can completely compromise the guest operating system. An attacker can use techniques such as ARP spoofing, DNS poisoning, and route hijacking to place themselves logically on the migration transmission path, resulting in a man-in-the-middle attack on the dynamic migration.
(3) Migration module
The VMM component that implements dynamic migration must be resistant to attack. Because the migration module exposes a network service over which virtual machines are transferred, a remote attacker can exploit common software vulnerabilities such as stack, heap, and integer overflows to compromise the VMM. Virtual machine migration is seldom regarded as a publicly exposed service, and the migration module's code has not received detailed scrutiny.
The Xensploit tool performs man-in-the-middle attacks on virtual machine dynamic migration. It works by manipulating the memory of a virtual machine while the virtual machine is in transit over the network during dynamic migration. Xensploit is based on the fragroute framework and can attack dynamic migration on Xen and VMware.
Summary of the invention
To solve the problems of the prior art, the invention provides a virtual machine dynamic migration security framework that, by providing security assurance mechanisms, protects the sensitive information of virtual machines and resists security attacks against virtual machine dynamic migration.
The technical solution adopted by the invention is as follows:
A virtual machine dynamic migration security framework consists of a centralized control engine and local migration engines located on each separate server. Under the control of the security policy, the centralized control engine provides mutual identity authentication, access control, and security auditing, and monitors the resource usage of physical servers and virtual machines in real time, providing the resource basis for dynamic migration. Under the control of the security policy, the local migration engine completes the dynamic migration of a virtual machine in stages according to the configured migration strategy.
The centralized control engine consists of six parts: secure migration policy, identity authentication, access control, security audit, hotspot detection, and secure migration management, wherein:
(1) Secure migration policy: manages and formulates the security policy for virtual machine dynamic migration; only migration requests that satisfy the secure migration policy are allowed to proceed;
(2) Identity authentication: performs mutual identity authentication between the source domain and the target domain of a migration using public key certificates, verifying the legitimacy of both identities;
(3) Access control: applies mandatory access control or role-based access control to the operations and requests related to dynamic migration; only virtual machines that hold the dynamic migration permission can be migrated;
(4) Security audit: records a trace of every operation during dynamic migration, as a means of after-the-fact tracking and evidence collection, so that risks and vulnerabilities related to dynamic migration can be traced;
(5) Hotspot detection: periodically sends requests to the resource monitor in each local migration engine to obtain each physical server's and virtual machine's usage of CPU, memory, and network bandwidth, aggregates these into a resource usage overview of the whole platform, finds resource usage hotspots from that overview, and provides them to the secure migration management module;
(6) Secure migration management: makes the final decision on whether and how to initiate a dynamic migration, and sends a "migration request" signal to the local migration engine when the migration's resource requirements are met.
Hotspot detection is performed based on the following conditions:
(1) a virtual machine cannot obtain its expected network bandwidth;
(2) a physical server's utilization of CPU and bandwidth exceeds a preset threshold;
(3) a physical server frequently swaps memory out.
The local migration engine reports local resource usage to the centralized control engine, receives migration requests from the centralized control engine, and performs the actual migration. It consists mainly of six parts: resource monitoring, migration listening, migration support, migration execution, migration activation, and secure transmission, wherein:
(1) Resource monitoring: obtains the usage of CPU, memory, and network bandwidth on the local server and the resource usage of each virtual machine;
(2) Migration support: provides the supporting basis that dynamic migration requires, including migration strategies and migration optimization strategies; the migration listening module selects an applicable migration strategy and optimization strategy according to current resource usage and available network bandwidth;
(3) Migration listening: receives the migration request from the centralized control engine, interacts with the migration listener in the target domain, and selects a suitable migration strategy and optimization strategy from the migration support module; the migration listener in the target domain performs the initialization for the dynamic migration; after initialization completes, the target domain sends a "start migration" signal through the virtual machine monitor (VMM) to the migration execution module in the source domain, and control passes to the migration execution module;
(4) Migration execution: copies the virtual machine state from the source domain to the target domain according to the selected migration strategy and optimization strategy; once the migration execution module has copied the final state information of the virtual machine's operating system, it sends a "copy finished" signal to the target domain;
(5) Migration activation: on receiving the "copy finished" signal, activates the newly migrated virtual machine in the target domain, resumes the source domain's services on the target domain, and returns a "migration successful" message to the source domain; the source domain's VMM receives this message and destroys the migrated virtual machine in the source domain;
(6) Secure transmission: ensures the security of the virtual machine in transit during migration through measures such as data encryption, protecting its confidentiality and integrity.
The beneficial effects of the technical solution provided by the embodiments of the invention are:
The centralized control engine has an overall view of physical and virtual resource usage in the platform and, under the control of the secure migration policy, initiates dynamic migrations as needed to achieve platform-wide load balancing.
The security framework of the invention supports multiple security mechanisms and multiple dynamic migration strategies, effectively protects the sensitive information of virtual machines, resists security attacks against dynamic migration, and has strong compatibility.
Brief description of the drawings
Fig. 1 is a structural diagram of the virtual machine dynamic migration security framework of the invention.
Detailed description
To make the objects, technical solutions, and advantages of the invention clearer, embodiments of the invention are described in further detail below with reference to the drawing.
Embodiment 1
The working principle and structure of the invention are as follows:
(1) Environment
(1) Virtual environment
In the virtual environment, two physical servers Sa and Sb run source domain A and target domain B respectively. Source domain A runs a virtual machine monitor (VMM), a privileged virtual machine Dom0, and a virtual machine VMa; target domain B runs a VMM and a privileged virtual machine Dom0.
Target domain B has the resources required for the dynamic migration, and virtual machine VMa in source domain A will be migrated to target domain B under the virtual machine dynamic migration security framework.
(2) Virtual machine dynamic migration security framework
The framework consists of a centralized control engine and local migration engines located on the separate servers. The centralized control engine runs on an independent server, and the local migration engines run in the privileged virtual machine Dom0 of source domain A and of target domain B.
(2) Centralized control engine
The centralized control engine has an overall view of physical and virtual resource usage in the platform and, according to preset strategies and under the control of the secure migration policy, initiates dynamic migrations as needed to achieve platform-wide load balancing. The centralized control engine consists of six parts: secure migration policy, identity authentication, access control, security audit, hotspot detection, and secure migration management.
(3) Local migration engine
The local migration engine reports local resource usage to the centralized control engine, receives migration requests from the centralized control engine, and performs the actual migration. It consists of six parts: resource monitoring, migration listening, migration support, migration execution, migration activation, and secure transmission.
(4) Framework initialization
(1) Migration security policy formulation: the secure migration policy module formulates the security policy that dynamic migration must satisfy; mandatory access control policies and the like are formulated at the same time;
(2) Identity authentication: PKI digital certificates CertA and CertB are configured for source domain A and target domain B, which take part in the dynamic migration, and mutual identity authentication between source domain A and target domain B is performed with these certificates;
(3) Permission management: sets the permissions of the virtual machines taking part in dynamic migration, such as the permission to migrate a virtual machine;
(4) Hotspot detection conditions: sets the hotspot detection conditions; the hotspot detection module performs hotspot detection accordingly and selects the virtual machines that meet the resource requirements for dynamic migration;
(5) Secure transmission parameters: sets the encryption algorithm, key length, mode of operation, hash algorithm, and so on used for secure transmission;
(6) Migration support: sets the migration strategies used for dynamic migration, such as the memory pre-copy and memory post-copy strategies, and the migration optimization strategies, such as memory compression and DMA mode.
(5) Virtual machine dynamic migration
(1) Hotspot detection in the centralized control engine obtains, in real time through the resource monitors in the local migration engines, the resource usage of physical servers Sa and Sb and of the virtual machines in source domain A and target domain B, builds a resource usage overview of the whole virtual environment, and, according to the hotspot detection conditions, selects target domain B as meeting the resource requirements for the dynamic migration;
(2) Mutual identity authentication between source domain A and target domain B is performed; once it passes, the permissions of source domain A and target domain B are checked. Only after both pass are the encryption algorithm, key length, mode of operation, and hash algorithm selected and the secure transmission channel established. Secure migration management then sends a "migration request" signal to the migration listener in source domain A;
(3) On receiving the migration request, the migration listener in source domain A interacts with the migration listener in target domain B and selects a suitable migration strategy and optimization strategy from the migration support module;
(4) The dynamic migration is initialized, for example by creating the migrated virtual machine VMa' in target domain B, creating the source domain's virtual devices, dynamically allocating memory for the new domain, and configuring the new domain. After initialization completes, the target domain sends a "start migration" signal through the VMM to the migration execution module in source domain A, and control passes to the migration execution module;
(5) The virtual machine state is copied from source domain A to target domain B according to the selected migration strategy and optimization strategy. Once the migration execution module has copied the final state information of the virtual machine's operating system, it sends a "copy finished" signal to target domain B;
(6) In target domain B, migration activation receives the "copy finished" signal, activates the newly migrated virtual machine VMa', resumes source domain A's services on target domain B, and returns a "migration successful" message to source domain A. The VMM in source domain A receives this message and destroys the migrated virtual machine VMa in the source domain.
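The gating and signal order of steps (1) to (6) can be expressed as a control-plane state machine in the centralized control engine. The following Python is an added example, not code from the patent or its assignee: a migration of VMa from Sa to Sb is admitted only after hotspot, authentication and permission checks pass, later signals are accepted only in the described order, and every decision is written to the audit trail. Class and function names, the thresholds, the "or" combination of hotspot conditions (2) and (3), and the use of pinned SHA-256 certificate fingerprints in place of full PKI validation are assumptions of this example.

```python
import hashlib
import hmac
from dataclasses import dataclass, field

# Signal names follow the description; everything else here is this example's own.
ORDER = ["migration request", "start migration", "copy finished", "migration successful"]


def fingerprint(cert: bytes) -> str:
    return hashlib.sha256(cert).hexdigest()


@dataclass
class Host:
    name: str
    cert: bytes        # constructed stand-in for the domain's PKI certificate
    cpu: float         # utilisation, 0..1
    bandwidth: float   # utilisation, 0..1
    swap_outs: int     # memory swap-outs in the last sampling period


@dataclass
class Policy:
    pinned: dict            # host name -> expected certificate fingerprint
    migratable: set         # VMs that hold the dynamic-migration permission
    cpu_max: float = 0.85   # assumed thresholds, not values from the patent
    bw_max: float = 0.85
    swap_max: int = 100


@dataclass
class ControlEngine:
    policy: Policy
    audit: list = field(default_factory=list)
    sessions: dict = field(default_factory=dict)  # vm -> index of next expected signal

    def _log(self, event, **detail):
        self.audit.append({"event": event, **detail})

    def is_hotspot(self, h: Host) -> bool:
        p = self.policy
        return h.cpu > p.cpu_max or h.bandwidth > p.bw_max or h.swap_outs > p.swap_max

    def _authenticated(self, h: Host) -> bool:
        # Pinned-fingerprint comparison stands in for full certificate validation.
        expected = self.policy.pinned.get(h.name, "")
        return hmac.compare_digest(expected, fingerprint(h.cert))

    def request_migration(self, vm: str, src: Host, dst: Host) -> bool:
        checks = [
            ("source is a hotspot", self.is_hotspot(src)),
            ("target has headroom", not self.is_hotspot(dst)),
            ("source authenticated", self._authenticated(src)),
            ("target authenticated", self._authenticated(dst)),
            ("vm has migration permission", vm in self.policy.migratable),
            ("no migration in progress", vm not in self.sessions),
        ]
        for name, ok in checks:
            if not ok:
                self._log("denied", vm=vm, reason=name)
                return False
        self.sessions[vm] = 1  # "migration request" issued; "start migration" is next
        self._log("signal", vm=vm, signal=ORDER[0], src=src.name, dst=dst.name)
        return True

    def on_signal(self, vm: str, signal: str) -> bool:
        expected = self.sessions.get(vm)
        if expected is None or ORDER[expected] != signal:
            self._log("rejected", vm=vm, signal=signal)  # out of order or replayed
            return False
        self._log("signal", vm=vm, signal=signal)
        if expected == len(ORDER) - 1:
            del self.sessions[vm]  # flow complete; any later signal is a replay
        else:
            self.sessions[vm] = expected + 1
        return True


def demo():
    cert_a, cert_b = b"constructed CertA", b"constructed CertB"
    policy = Policy(pinned={"Sa": fingerprint(cert_a), "Sb": fingerprint(cert_b)},
                    migratable={"VMa"})
    engine = ControlEngine(policy)
    sa = Host("Sa", cert_a, cpu=0.95, bandwidth=0.40, swap_outs=10)
    sb = Host("Sb", cert_b, cpu=0.20, bandwidth=0.10, swap_outs=0)
    unpinned = Host("Sb", b"constructed unknown cert", cpu=0.20, bandwidth=0.10, swap_outs=0)
    results = {
        "unpinned_target": engine.request_migration("VMa", sa, unpinned),
        "no_permission": engine.request_migration("VMx", sa, sb),
        "accepted": engine.request_migration("VMa", sa, sb),
        "out_of_order": engine.on_signal("VMa", "copy finished"),
        "flow": [engine.on_signal("VMa", s) for s in ORDER[1:]],
        "replay": engine.on_signal("VMa", "migration successful"),
    }
    return results, engine.audit


if __name__ == "__main__":
    for entry in demo()[1]:
        print(entry)
```

A rejected signal leaves the session state unchanged, so the legitimate flow can still complete after an out-of-order or replayed message has been refused and logged.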
The foregoing is only a preferred embodiment of the invention and is not intended to limit the invention. Any modification, equivalent replacement, or improvement made within the spirit and principles of the invention shall fall within the scope of protection of the invention.

Claims (4)

1. A virtual machine dynamic migration security framework, characterized in that it consists of a centralized control engine and local migration engines located on each separate server; under the control of the security policy, the centralized control engine provides mutual identity authentication, access control, and security auditing, and monitors the resource usage of physical servers and virtual machines in real time, providing the resource basis for dynamic migration; under the control of the security policy, the local migration engine completes the dynamic migration of a virtual machine in stages according to the configured migration strategy.
2. The virtual machine dynamic migration security framework according to claim 1, characterized in that the centralized control engine consists of six parts: secure migration policy, identity authentication, access control, security audit, hotspot detection, and secure migration management, wherein:
(1) Secure migration policy: manages and formulates the security policy for virtual machine dynamic migration; only migration requests that satisfy the secure migration policy are allowed to proceed;
(2) Identity authentication: performs mutual identity authentication between the source domain and the target domain of a migration using public key certificates, verifying the legitimacy of both identities;
(3) Access control: applies mandatory access control or role-based access control to the operations and requests related to dynamic migration; only virtual machines that hold the dynamic migration permission can be migrated;
(4) Security audit: records a trace of every operation during dynamic migration, as a means of after-the-fact tracking and evidence collection, so that risks and vulnerabilities related to dynamic migration can be traced;
(5) Hotspot detection: periodically sends requests to the resource monitor in each local migration engine to obtain each physical server's and virtual machine's usage of CPU, memory, and network bandwidth, aggregates these into a resource usage overview of the whole platform, finds resource usage hotspots from that overview, and provides them to the secure migration management module;
(6) Secure migration management: makes the final decision on whether and how to initiate a dynamic migration, and sends a "migration request" signal to the local migration engine when the migration's resource requirements are met.
3. The virtual machine dynamic migration security framework according to claim 2, characterized in that the hotspot detection is performed based on the following conditions:
(1) a virtual machine cannot obtain its expected network bandwidth;
(2) a physical server's utilization of CPU and bandwidth exceeds a preset threshold;
(3) a physical server frequently swaps memory out.
4. The virtual machine dynamic migration security framework according to claim 1, characterized in that the local migration engine reports local resource usage to the centralized control engine, receives migration requests from the centralized control engine, and performs the actual migration, and consists mainly of six parts: resource monitoring, migration listening, migration support, migration execution, migration activation, and secure transmission, wherein:
(1) Resource monitoring: obtains the usage of CPU, memory, and network bandwidth on the local server and the resource usage of each virtual machine;
(2) Migration support: provides the supporting basis that dynamic migration requires, including migration strategies and migration optimization strategies; the migration listening module selects an applicable migration strategy and optimization strategy according to current resource usage and available network bandwidth;
(3) Migration listening: receives the migration request from the centralized control engine, interacts with the migration listener in the target domain, and selects a suitable migration strategy and optimization strategy from the migration support module; the migration listener in the target domain performs the initialization for the dynamic migration; after initialization completes, the target domain sends a "start migration" signal through the virtual machine monitor to the migration execution module in the source domain, and control passes to the migration execution module;
(4) Migration execution: copies the virtual machine state from the source domain to the target domain according to the selected migration strategy and optimization strategy; once the migration execution module has copied the final state information of the virtual machine's operating system, it sends a "copy finished" signal to the target domain;
(5) Migration activation: on receiving the "copy finished" signal, activates the newly migrated virtual machine in the target domain, resumes the source domain's services on the target domain, and returns a "migration successful" message to the source domain; the source domain receives this message and destroys the migrated virtual machine in the source domain;
(6) Secure transmission: ensures the security of the virtual machine in transit during migration through measures such as data encryption, protecting its confidentiality and integrity.
Priority Applications (1)

Application number: CN201310671771.9A
Priority date: 2013-12-12
Filing date: 2013-12-12
Title: Virtual machine dynamic migration security framework
Status: Withdrawn

Publications (1)

Publication number: CN103645949A
Publication date: 2014-03-19

Family ID: 50251171

Country Status (1)

Country: CN
Link: CN103645949A (en)


Legal Events

Date Code Title Description
PB01 Publication
C04 Withdrawal of patent application after publication (patent law 2001)
WW01 Invention patent application withdrawn after publication

Application publication date: 20140319