
Design and implementation of a trusted monitoring framework for cloud platforms


Abstract

Virtualization is a pillar technology in cloud computing for multiplexing computing resources on a single cloud platform for multiple cloud tenants. Monitoring the behavior of virtual machines (VMs) on a cloud platform is a critical requirement for cloud tenants. Existing monitoring mechanisms on virtualized platforms either take a complete VM as the monitoring granularity, such that they cannot capture the malicious behaviors within individual VMs, or they focus on specific monitoring functions that cannot be used for heterogeneous VMs concurrently running on a single cloud node. Furthermore, the existing monitoring mechanisms have made an assumption that the privileged domain is trusted to act as expected, which causes the cloud tenants' concern about security because the privileged domain in fact could not act as the tenants expect. We design a trusted monitoring framework, which provides a chain of trust that excludes the untrusted privileged domain, by deploying an independent guest domain for the monitoring purpose, as well as utilizing the trusted computing technology to ensure the integrity of the monitoring environment. Moreover, the feature of fine-grained and general monitoring is also provided. We have implemented the proposed monitoring framework on Xen, and integrated it into OpenNebula. Our experimental results show that it can offer expected functionality, and bring moderate performance overhead.

Bibliographic record

  • Source
    Future generation computer systems | 2013, Issue 8 | pp. 2092-2102 | 11 pages
  • Author affiliations

    Services Computing Technology and System Lab, School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, 430074, China;

    Services Computing Technology and System Lab, School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, 430074, China;

    Services Computing Technology and System Lab, School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, 430074, China;

    Services Computing Technology and System Lab, School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, 430074, China;

    Services Computing Technology and System Lab, School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, 430074, China; Department of Computer Science, St. Francis Xavier University, Antigonish, NS, B2G 2W5, Canada;

    Services Computing Technology and System Lab, School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, 430074, China;

    Services Computing Technology and System Lab, School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, 430074, China;

  • Indexed in: Science Citation Index (SCI), USA; Engineering Index (EI), USA
  • Original format: PDF
  • Language of text: eng
  • Chinese Library Classification
  • Keywords

    Cloud computing; Virtualization; Cloud monitoring; Trusted computing;

