Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Security and trust preserving inter- and intra-cloud VM migrations
RISE Research Institutes of Sweden, Digital Systems. COMSATS University Islamabad, Pakistan.
RISE Research Institutes of Sweden, Digital Systems, Data Science.
RISE Research Institutes of Sweden, Digital Systems, Data Science.ORCID iD: 0000-0001-8192-0893
2020 (English)In: International Journal of Network Management, ISSN 1055-7148, E-ISSN 1099-1190, article id e2103Article in journal (Refereed) Published
Abstract [en]

This paper focus on providing a secure and trustworthy solution for virtual machine (VM) migration within an existing cloud provider domain, and/or to the other federating cloud providers. The infrastructure-as-a-service (IaaS) cloud service model is mainly addressed to extend and complement the previous Trusted Computing techniques for secure VM launch and VM migration case. The VM migration solution proposed in this paper uses a Trust_Token based to guarantee that the user VMs can only be migrated and hosted on a trustworthy and/or compliant cloud platforms. The possibility to also check the compliance of the cloud platforms with the pre-defined baseline configurations makes our solution compatible with an existing widely accepted standards-based, security-focused cloud frameworks like FedRAMP. Our proposed solution can be used for both inter- and intra-cloud VM migrations. Different from previous schemes, our solution is not dependent on an active (on-line) trusted third party; that is, the trusted third party only performs the platform certification and is not involved in the actual VM migration process. We use the Tamarin solver to realize a formal security analysis of the proposed migration protocol and show that our protocol is safe under the Dolev-Yao intruder model. Finally, we show how our proposed mechanisms fulfill major security and trust requirements for secure VM migration in cloud environments. 

Place, publisher, year, edition, pages
John Wiley and Sons Ltd , 2020. article id e2103
Keywords [en]
Compliance control, Infrastructure as a service (IaaS), Network security, Regulatory compliance, Virtual machine, Baseline configurations, Cloud service models, Computing techniques, Dolev-Yao intruders, Formal security analysis, Migration protocols, Security and trusts, Trusted third parties, Trusted computing
National Category
Natural Sciences
Identifiers
URN: urn:nbn:se:ri:diva-44389DOI: 10.1002/nem.2103Scopus ID: 2-s2.0-85079698182OAI: oai:DiVA.org:ri-44389DiVA, id: diva2:1412880
Note

Funding details: Horizon 2020 Framework Programme, H2020, 833742, 783119; Funding text 1: This research has been supported by the funding for H2020 projects SECREDAS (grant agreement no. 783119), nIoVe (grant agreement no. 833742), and RISE Cybersecurity KP.

Available from: 2020-03-09 Created: 2020-03-09 Last updated: 2020-03-09Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records BETA

Raza, Shahid

Search in DiVA

By author/editor
Raza, Shahid
By organisation
Digital SystemsData Science
In the same journal
International Journal of Network Management
Natural Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 4 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.35.9