Security aware VM placement in OpenStack cloud
The ubiquitous use of cloud computing has led to increasing instances of security attacks. Placing new Virtual Machine (VM) to a physical server in presence of vulnerable co-resident VMs leads to potential security risk for physical server and the newly placed VM. However, secure-aware VM placement has received little attention. In this poster, we present an approach to achieve secure-aware VM placement in OpenStack cloud. In this approach, we will assess the risk posed by VM vulnerabilities based on real-time analysis of logs. OpenStack's current VM placement policies do not incorporate security. We will introduce a security filter within the Openstack placement scheme to ensure the scheduling of a new VM considers security risks. Prior to placing a new VM, we will calculate the compromise score for available VMs by characterizing dependency relationships introduced by the new VM. Next, we can recalculate the survivability score for all presented physical machines (PM) in the cloud. Finally, we need to group those physical machines based on their updated survivability score, as some of them might be degraded to other groups due to their connections with VM. We will evaluate our approach in a private cloud, tsucloud.tnstate.edu.
Ali Reza Al Amin MD.,
"Security aware VM placement in OpenStack cloud"
ETD Collection for Tennessee State University.