Title :
Understanding threats in a cloud infrastructure with no hypervisor
Author :
de Souza, William A. R. ; Tomlinson, Allan
Author_Institution :
Inf. Security Group, Univ. of London, Egham, UK
Abstract :
Cloud architectures capitalise on the many benefits of virtualisation. The central component of virtualisation is the hypervisor, which plays a fundamental role in the virtualised environment. Thus, a hypervisor is typically a complex and large piece of software. The NoHype architecture is a new approach to the security problems related to hypervisors and proposes simply to eliminate the hypervisor. However, as any new approach to security, it can introduce new threats in the target environment and it can have drawbacks that could make it unfeasible to use this architecture. In this paper we conduct an investigation of the NoHype architecture, considering the new data flows, processes, entities, data stores and boundaries introduced by it. We point out that this new architecture does not mitigate all threats that a hypervisor is prone to in cloud architecture, and may even introduce new threats.
Keywords :
cloud computing; security of data; software architecture; virtualisation; NoHype architecture; cloud architectures; cloud infrastructure; no hypervisor; security problems; target environment; virtualisation; virtualised environment; Analytical models; Data models; Scalability; Security; Software; Virtual machining; Virtualisation; cloud computing; hypervisor; security;
Conference_Titel :
Internet Security (WorldCIS), 2013 World Congress on
Conference_Location :
London
DOI :
10.1109/WorldCIS.2013.6751032
