The purpose of this book is first to study cloud computing concepts, security concern in clouds and data centers, live migration and its importance for cloud computing, the role of firewalls in domains with particular focus on virtual machine (VM) migration and its security concerns. The book then tackles design, implementation of the frameworks and prepares test-beds for testing and evaluating VM migration procedures as well as firewall rule migration. The book demonstrates how cloud computing can produce an effective way of network management, especially from a security perspective.
Les mer
List of Figures xii List of Tables xv Preface xvii Acknowledgments xxiii Acronyms xxv Introduction xxvii 1 Live Virtual Concept in Cloud Environment 1 1.1 Live Migration 2 1.1.1 Definition of Live Migration 2 1.1.2 Techniques for Live Migration 2 1.2 Issues with Migration 4 1.2.1 Application Performance Degradation 4 1.2.2 Network Congestion 4 1.2.3 Migration Time 5 1.3 Research on Live Migration 5 1.3.1 Sequencer (CQNCR) 5 1.3.2 The COMMA System 5 1.3.3 Clique Migration 6 1.3.4 Time-Bound Migration 6 1.3.5 Measuring Migration Impact 7 1.4 Total Migration Time 7 1.4.1 VM Traffic Impact 7 1.4.2 Bin Packing 8 1.5 Graph Partitioning 8 1.5.1 Learning Automata Partitioning 9 1.5.2 Advantages of Live Migration over WAN 11 1.6 Conclusion 12 References 12 2 Live Virtual Machine Migration in Cloud 15 2.1 Introduction 16 2.1.1 Virtualization 16 2.1.2 Types of Virtual Machines 18 2.1.3 Virtual Machine Applications 18 2.2 Business Challenge 19 2.2.1 Dynamic Load Balancing 19 2.2.2 No VM Downtime During Maintenance 20 2.3 Virtual Machine Migration 20 2.3.1 Advantages of Virtualization 22 2.3.2 Components of Virtualization 22 2.3.3 Types of Virtualization 23 2.4 Virtualization System 26 2.4.1 Xen Hypervisor 26 2.4.2 KVM Hypervisor 27 2.4.3 OpenStack 30 2.4.4 Storage 31 2.4.5 Server Virtualization 33 2.5 Live Virtual Machine Migration 33 2.5.1 QEMU and KVM 34 2.5.2 Libvirt 35 2.6 Conclusion 36 References 37 3 Attacks and Policies in Cloud Computing and Live Migration 39 3.1 Introduction to Cloud Computing 40 3.2 Common Types of Attacks and Policies 42 3.2.1 Buffer Overflows 42 3.2.2 Heap Overflows 42 3.2.3 Web-Based Attacks 43 3.2.4 DNS Attacks 47 3.2.5 Layer 3 Routing Attacks 48 3.2.6 ManintheMiddle Attack (MITM) 3.3 Conclusion 50 References 50 49 4 Live Migration Security in Cloud 53 4.1 Cloud Security and Security Appliances 54 4.2 VMM in Clouds and Security Concerns 54 4.3 Software-Defined Networking 56 4.3.1 Firewall in Cloud and SDN 57 4.3.2 SDN and Floodlight Controllers 61 4.4 Distributed Messaging System 62 4.4.1 Approach 63 4.4.2 MigApp Design 63 4.5 Customized Testbed for Testing Migration Security in Cloud 63 4.5.1 Preliminaries 65 4.5.2 Testbed Description 66 4.6 A Case Study and Other Use Cases 67 4.6.1 Case Study: Firewall Rule Migration and Verification 68 4.6.2 Existing Security Issues in Cloud Scenarios 68 4.6.3 Authentication in Cloud 69 4.6.4 Hybrid Approaches for Security in Cloud Computing 71 4.6.5 Data Transfer Architecture in Cloud Computing 71 4.7 Conclusion 72 References 72 5 Solution for Secure Live Migration 75 5.1 Detecting and Preventing Data Migrations to the Cloud 76 5.1.1 Internal Data Migrations 76 5.1.2 Movement to the Cloud 76 5.2 Protecting Data Moving to the Cloud 76 5.3 Application Security 77 5.4 Virtualization 78 5.5 Virtual Machine Guest Hardening 79 5.6 Security as a Service 82 5.6.1 Ubiquity of Security as a Service 83 5.6.2 Advantages of Implementing Security as a Service 85 5.6.3 Identity, Entitlement, and Access Management Services 87 5.7 Conclusion 93 References 94 6 Dynamic Load Balancing Based on Live Migration 95 6.1 Introduction 96 6.2 Classification of Load Balancing Techniques 96 6.2.1 Static and Dynamic Scheduling 97 6.2.2 Load Rebalancing 97 6.3 Policy Engine 98 6.4 Load Balancing Algorithm 100 6.5 Resource Load Balancing 101 6.5.1 Server Load Metric 102 6.5.2 System Imbalance Metric 102 6.5.3 Other Key Parameters 102 6.6 Load Balancers in Virtual Infrastructure Management Software 103 6.7 VMware Distributed Resource Scheduler 103 6.7.1 OpenNebula 104 6.7.2 Scheduling Policies 105 6.8 Conclusion 105 References 105 7 Live Migration in Cloud Data Center 107 7.1 Definition of Data Center 108 7.2 Data Center Traffic Characteristics 110 7.3 Traffic Engineering for Data Centers 111 7.4 Energy Efficiency in Cloud Data Centers 113 7.5 Major Cause of Energy Waste 113 7.5.1 Lack of a Standardized Metric of Server Energy Efficiency 7.5.2 Energy Efficient Solutions Are Still Not 113 Widely Adopted 114 7.6 Power Measurement and Modeling in Cloud 114 7.7 Power Measurement Techniques 114 7.7.1 Power Measurement for Servers 114 7.7.2 Power Measurement for VMS 115 7.7.3 Power and Energy Estimation Models 115 7.7.4 Power and Energy Modeling for Servers 115 7.7.5 Power Modeling for VMs 116 7.7.6 Power Modeling for VM Migration 116 7.7.7 Energy Efficiency Metrics 117 7.8 Power Saving Policies in Cloud 117 7.8.1 Dynamic Frequency and Voltage Scaling 118 7.8.2 Powering Down 118 7.8.3 EnergyAware Consolidation 118 7.9 Conclusion 118 References 119 8 Trusted VM-vTPM Live Migration Protocol in Clouds 121 8.1 Trusted Computing 122 8.2 TPM Operations 122 8.3 TPM Applications and Extensions 123 8.4 TPM Use Cases 124 8.5 State of the Art in Public Cloud Computing Security 125 8.5.1 Cloud Management Interface 125 8.5.2 Challenges in Securing the Virtualized Environment 126 8.5.3 The Trust in TPM 127 8.5.4 Challenges 129 8.6 Launch and Migration of Virtual Machines 130 8.6.1 Trusted Virtual Machines and Virtual Machine Managers 130 8.6.2 Seeding Clouds with Trust Anchors 131 8.6.3 Securely Launching Virtual Machines on Trustworthy Platforms in a Public Cloud 131 8.7 Trusted VM Launch and Migration Protocol 132 8.8 Conclusion 134 References 134 9 Lightweight Live Migration 137 9.1 Introduction 138 9.2 VM Checkpointing 138 9.2.1 Checkpointing Virtual Cluster 139 9.2.2 VM Resumption 140 9.2.3 Migration without Hypervisor 140 9.2.4 Adaptive Live Migration to Improve Load Balancing 141 9.2.5 VM Disk Migrations 142 9.3 Enhanced VM Live Migration 143 9.4 VM Checkpointing Mechanisms 144 9.5 Lightweight Live Migration for Solo VM 145 9.5.1 Block Sharing and Hybrid Compression Support 145 9.5.2 Architecture 146 9.5.3 FGBI Execution Flow 147 9.6 Lightweight Checkpointing 148 9.6.1 High-Frequency Checkpointing Mechanism 150 9.6.2 Distributed Checkpoint Algorithm in VPC 150 9.7 StorageAdaptive Live Migration 152 9.8 Conclusion 154 References 154 10 Virtual Machine Mobility with SelfMigration 157 10.1 Checkpoints and Mobility 158 10.2 Manual and Seamless Mobility 158 10.3 Fine-and Coarse-Grained Mobility Models 159 10.3.1 Data and Object Mobility 159 10.3.2 Process Migration 160 10.4 Migration Freeze Time 160 10.5 Device Drivers 161 10.5.1 Design Space 162 10.5.2 In-Kernel Device Drivers 162 10.5.3 Use of VMs for Driver Isolation 164 10.5.4 Context Switching Overhead 164 10.5.5 Restarting Device Drivers 165 10.5.6 External Device State 165 10.5.7 Type Safe Languages 166 10.5.8 Software Fault Isolation 166 10.6 Self-Migration 167 10.6.1 Hosted Migration 167 10.6.2 Self-Migration Prerequisites 169 10.7 Conclusion 170 References 170 11 Different Approaches for Live Migration 173 11.1 Virtualization 174 11.1.1 Hardware-Assisted Virtualization 174 11.1.2 Horizontal Scaling 175 11.1.3 Vertical Scaling 175 11.2 Types of Live Migration 176 11.2.1 Cold Migration 176 11.2.2 Suspend/Resume Migration 176 11.2.3 Live VM Migration 176 11.3 Live VM Migration Types 177 11.3.1 Pre-Copy Live Migration 177 11.3.2 Post-copy Live Migration 178 11.3.3 Hybrid Live Migration 178 11.4 Hybrid Live Migration 179 11.4.1 Hybrid Approach for Live Migration 179 11.4.2 Basic Hybrid Migration Algorithm 180 11.5 Reliable Hybrid Live Migration 180 11.5.1 Push Phase 181 11.5.2 Stop-and-Copy Phase 181 11.5.3 Pull Phase 181 11.5.4 Network Buffering 181 11.6 Conclusion 181 References 182 12 Migrating Security Policies in Cloud 183 12.1 Cloud Computing 184 12.2 Firewalls in Cloud and SDN 187 12.3 Distributed Messaging System 191 12.4 Migration Security in Cloud 192 12.5 Conclusion 194 References 194 13 Case Study 195 13.1 Kernel-Based Virtual Machine 196 13.2 Xen 196 13.3 Secure Data Analysis in GIS 196 13.3.1 Database 197 13.3.2 Data Mining and Techniques 197 13.3.3 Distributed Database 197 13.3.4 Spatial Data Mining 198 13.3.5 Secure Multi-Party Computation 198 13.3.6 Association Rule Mining Problem 198 13.3.7 Distributed Association Ruling 199 13.3.8 Data Analysis in GIS System 13.4 Emergence of Green Computing in Modern Computing Environment 200 13.5 Green Computing 203 13.6 Conclusion 204 References 205
Les mer
This book takes the industry beyond mere definitions of cloud computing and virtualization, grid and sustainability strategies, to casting them in day-to-day operations. In Cloud Computing and Virtualization, the authors take the reader from beginning to end with the essential elements of cloud computing, its history, innovation, and demands. Through case studies and architectural models, they articulate service requirements, infrastructure, security, and outsourcing of salient computing resources. The adoption of virtualization in data centers creates the need for a new class of networks designed to support elasticity of resource allocation, increasing mobile workloads and the shift to production of virtual workloads, requiring maximum availability. Building a network that spans both physical servers and virtual machines with consistent capabilities demands a new architectural approach to designing and building the IT infrastructure. Performance, elasticity, and logical addressing structures must be considered as well as the management of the physical and virtual networking infrastructure. Once deployed, a network that is virtualization-ready can offer many revolutionary services over a common shared infrastructure. With virtualization, comes elasticity where computer capacity can be scaled up or down on demand by adjusting the number of virtual machines actively executing on a given physical server. Additionally, virtual machines can be migrated while in service from one physical server to another. Extending this further, virtualization creates "location freedom" enabling virtual machines to become portable across an ever-increasing geographical distance. Audience Computer scientists in academia and industry working on cloud computing. No matter the level of interest or experience, the reader will find clear value in this in-depth, vendor-neutral study of cloud computing and virtualization.
Les mer

Produktdetaljer

ISBN
9781119487906
Publisert
2018-03-23
Utgiver
Vendor
Wiley-Scrivener
Vekt
454 gr
Høyde
10 mm
Bredde
10 mm
Dybde
10 mm
Aldersnivå
P, 06
Språk
Product language
Engelsk
Format
Product format
Innbundet
Antall sider
234

Biographical note

Dac-Nhuong Le obtained his PhD in computer science from Vietnam National University, Vietnam in 2015. He is Deputy-Head of Faculty of Information Technology, Haiphong University, Vietnam. His area of research includes: evaluation computing and approximate algorithms, network communication, security and vulnerability, network performance analysis and simulation, cloud computing, IoT and image processing in biomedical. He has authored 4 computer science books and has multiple research articles in international journals.

Raghvendra Kumar completed his PhD in the Faculty of Engineering and Technology, Jodhpur National University, India. He has authored several research papers in Scopus indexed and impact factor research journals\international conferences as well as 6 authored and 9 edited books on computer science. His areas of interest include wireless sensor network (WSN), Internet of Things, mobile application programming, ad hoc networks, cloud computing, big data, mobile computing, data mining and software engineering.

Nguyen Gia Nhu received the PhD degree in computer science from Ha Noi University of Science, Vietnam National University, Vietnam. He is now the Vice Dean of Graduate School at Duy Tan University. He has more than 40 publications in reputed international conferences, journals and book chapter contributions. His research interests include algorithm theory, network optimization and wireless security.

Jyotir Moy Chatterjee is working as an Assistant Professor in the Department of Computer Science and Engineering at GD-RCET, Bhilai, C.G, India. He received his M.Tech from KIIT University, Bhubaneswar, Odisha and B.Tech in Computer Science & Engineering from Dr. MGR Educational & Research Institute University, Chennai, (Tamil Nadu). His research interests include cloud computing, big data, privacy preservation and data mining.