Abstract
Such a large collection of resources within virtual hosts is maximized among customers (also known as tenants) with the objective to achieve the best result (i.e., to provide the best service) at the least cost (i.e., by sharing the very same physical hardware over multiple CONTENTS 13.1 Introduction 193 13.2 Virtualization Security 197 13.3 Hardware Resources 199 13.3.1 CPU Virtualization 199 13.3.2 GPU Virtualization 200 13.3.3 Network Virtualization 201 13.4 Hypervisor-Layer Resources 204 13.4.1 VMM Security 205 13.4.2 VM Security 207 13.5 OS Resources 208 13.5.1 Kernel Integrity 208 13.5.2 Privilege Separation 208 13.6 Application Resources 209 13.6.1 Secure Data Storage 209 13.6.2 User Data Isolation 210 13.7 Summary 211 References 211 virtual hosts). Heterogeneous physical and virtual resources can be used to split and process the same problem (see Figure 13.2 and also MapReduce [2]). Once virtual resources (such as virtual networks, virtual data, and virtual processors) have been assigned to tenants, these latter ones have complete access to them and can rearrange them in order to better t their needs. As an example, virtual memory and virtual networks given to the tenant by the CSP can be further redistributed by the tenant over dierent virtual machines (VMs) in order to build a specic topology aimed at providing some services. is process is called virtual resource to virtual resource (VR2VR) [3] management and many solutions have been already proposed to manage it [4,5].
Original language | English (US) |
---|---|
Title of host publication | Security in the Private Cloud |
Publisher | CRC Press |
Pages | 193-218 |
Number of pages | 26 |
ISBN (Electronic) | 9781482259568 |
ISBN (Print) | 9781482259551 |
DOIs | |
State | Published - Jan 1 2016 |
ASJC Scopus subject areas
- General Computer Science