Cloud Computing Security in Multi-processor

Virtualization Environment

Chen Xi

Computer Department of Minjiang University, Fuzhou, Fujian, 350000, China

Abstract. With the development of Digital Library under the cloud computing,
Virtualization security of the Digital Library of cloud computing is becoming the
focus, but it also brings the new security threat. This paper firstly describes
the Virtualization security issues of digital libraries under the environment of the
virtual cloud computing. Then, it introduces the security and protection method
of digital libraries under the environment of the virtual cloud computing, and puts
forward security strategy and suggestions starting from the angle of the
Virtualization security and the construction of "cloud" digital libraries. The
security strategy can improve the overall security of Virtualization systems of
digital libraries under the environment of cloud computing.

Keywords: Cloud computing, multiprocessor, Virtualization, computing

applications.

1 Introduction

As the future trend of the IT industry, cloud computing is popularizing rapidly in the
enterprise level applications [1-5]. It embodies the idea that "the network is the
computer". Large scale computing resources, storage resources and software resources
are linked together to form a great shared virtual IT resource pool. The highly efficient
and flexible scheduling for large-scale resources provides remote user's dynamic
expansion and contraction computing services, and also provides a huge space for
resource scheduling in cloud service providers, and reduce costs with scale effect [6-9].
Cloud computing is to provide the resources available to users in the form of network
services, to liberate the users from the complex maintenance of IT hardware and
software, and also, the remote users can get services whenever and wherever possible,
breaking the time and geographical constraints [10-13].
Cloud computing security, including identity and access management, data security,
privacy protection, virtualization security [14-17]. Figure l describes the angle of
virtualization cloud computing architectures. Physical hardware and network nodes
through a multi-layered physical hardware virtualization logic simplifies the process of
forming a flexible computing, storage and network bandwidth 3 by integrating virtual
resource pool [18-21]. Provides on-demand and selected resource sharing, distribution,
management and control platform, the user can form the upper layer data and the

Y. Yang, M. Ma, and B. Liu (Eds.): ICICA 2013, Part I, CCIS 391, pp. 427–435, 2013.
© Springer-Verlag Berlin Heidelberg 2013
428 C. Xi

different needs of the business, with a variety of mutual isolation applications. Way
through virtual technology, formed a service-oriented, scalable lT infrastructure can
provide cloud computing services. Such as Amazon EC2 (elastic compute cloud),
which provides users with a large number of virtual resources, users simply according
to their need to create a virtual machine instance. Thus the user through these resources
to complete the tasks.
There is a buzz around cloud computing, as users of the cloud services only have to
pay for what they use and the resources that they need to cope with demanding situations
can be adjusted depending on the demand. This is recognized as the cloud delivery model
(SPI – see Figure 1) which consists of three services known as Software-as-a-service
(SaaS), Platform-as-a-service (PaaS) and Infrastructure-as-a-service (IaaS). Software-
as-a-service allows the users to utilize various applications from the cloud rather than
using applications on their own computer. The cloud service provider would usually
provide some sort of software development environment to allow applications to be
developed for use within the cloud. The application programming interface (API) which
the users use to access and interact with the software allows the user to use the software
without having to worry about how or where the data is being stored or how much disk
space is available as the cloud service provider will manage this for them.

Fig. 1. Showing layers of the cloud delivery model

The current Xen security there is more security issues. For example, Domain 0 is a
security bottleneck, its function than other domains strong, so easy to launch a rival
worms, viruses, DoS and other attacks, if the adversary Domain 0 paralysis or is
compromised, then the destruction of the whole virtual machine system. Xen covert
channel problem is not resolved. It is impossible to run on Xen high security level of the
operating system [22-25]. Virtual machines share the same set of hardware devices, some
network security protocols may be more vulnerable to vandalism and malicious
implemented. Xen provides a convenient mechanism for the preservation and restoration.
Rollback enables the operating system and reproducing data is very easy, but these will
affect the operation itself of the cryptographic properties. In addition, the Xen, because
the security mechanisms to make the Guest OS, so can not guarantee the security of
VMM. Xen can only restrict the memory page table an I / O address space. The interrupts
and I / 0 port address space granularity smaller than the page table. If a different drive in
the virtual machine is assigned to the same misfortune page table space, then they can
access each other's memory address space, causing safety problems.