2.2 Virtualization
2.2.3 Virtual Machine Image Security
security policy for the Endorsement and Operation of Virtual Machine Images [26].
SPG defines the following terms.
- Endorser: A role, held either by an individual or a team, who is responsible for confirming that a particular virtual machine image has been produced according to the requirements of this policy and states that the image can be trusted. An Endorser should be one of a limited number of authorized and trusted individuals appointed either by the Infrastructure Organization, a Virtualization Organization (VO) or a resource centre. The appointing body must assume responsibility for the actions of the Endorser and must ensure that he/she is aware of the requirements of this policy.
- Virtual Machine operator: A role, held either by an individual or a team, who is responsible for the security of the virtual machine during its operation phase, from the time it is instantiated, until it is terminated. Typically this addresses individuals with root access on the virtual machine.
- Third party: An external entity other than the resource centre where the virtual machine is operated [27].
2.2.3 Virtual Machine Image Security
Virtualizing a company's IT infrastructure lets owners reduce IT costs while increasing the efficiency, utilization, and flexibility of their existing assets. Around the world, companies of every size benefit from virtualization. Virtual machines let people share the resources of a single physical computer across multiple virtual machines and applications for maximum efficiency. To gain further benefits, companies use large numbers of virtual machines. A virtual machine can also serve as a forensic tool in the security field: the operating system can be booted into a virtual machine, so the investigator can perform investigation work on a live system, directly and repeatedly, and efficiency is improved [28].
Virtual machine images are created to simplify the whole installation process; the related software includes the operating system, applications, and security patches. Under the federated cloud concept, these images should be created, trusted, transferred and submitted between sites. At the same time, people have started to take virtual machine image security into account.
A cloud service provides three types of resources: a set of virtual machine images, a set of computer servers on which the virtual machine images run, and storage space for the related data. While reducing cost is a primary motivation and objective for a company moving towards a cloud provider, reducing responsibility for security or privacy should not be.
Virtual machine images are unique and special entities in the cloud. The security and integrity of such images are the foundation for the overall security of the cloud. First, virtual machine images need high integrity because they determine the initial states of running virtual machines, including their security states. Second, many virtual machine images are designed to be shared by different and often unrelated users, and this sharing poses privacy and safety issues.
An endorser, who should be one of a limited number of authorized and trusted individuals appointed by sites, can create and publish image files with no limit. Therefore, the endorsement of a virtual machine image should be defined by a standard and a trusted third party or policy. Images are referenced by an image list, which contains a secure hash (SHA512) and is signed using X.509 technology. These image lists are published, and interested sites subscribe to the lists in a catalogue at the site. When an instantiation request for an image is received, the image validity is checked. If the image list is valid, the image is contextualized and then instantiated. Images that do not pass validation are not instantiated [29].
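The instantiation-time check described above can be sketched as follows. This is an added example, not code from the thesis or from the HEPiX tools. The image list layout, field names, endorser DN and image id are hypothetical, and verification of the X.509 signature on the list is assumed to happen beforehand, with only the signer's DN passed in.

```python
import hashlib
import hmac
import io
from datetime import datetime, timezone

# Constructed sample data; all field names and DNs are hypothetical.
IMAGE_BYTES = b"constructed stand-in for a VM image file"
ENDORSER = "/DC=org/DC=example/CN=Image Endorser"
TRUSTED_ENDORSERS = {ENDORSER}          # endorsers this site subscribes to
IMAGE_LIST = {
    "endorser_dn": ENDORSER,
    "expires": "2030-01-01T00:00:00+00:00",
    "images": [{"id": "sl6-base",
                "sha512": hashlib.sha512(IMAGE_BYTES).hexdigest()}],
}

def sha512_of(stream, chunk=1 << 20):
    """Hash a file-like object in chunks so large images are not loaded whole."""
    digest = hashlib.sha512()
    for block in iter(lambda: stream.read(chunk), b""):
        digest.update(block)
    return digest.hexdigest()

def may_instantiate(image_list, signer_dn, image_id, stream, now):
    """Return (allowed, reason); any failed check refuses instantiation.

    signer_dn is the subject DN taken from the list's X.509 signature after
    that signature has been verified elsewhere; None means it did not verify.
    """
    if signer_dn is None:
        return False, "signature not verified"
    if signer_dn not in TRUSTED_ENDORSERS or signer_dn != image_list["endorser_dn"]:
        return False, "untrusted endorser"
    if now >= datetime.fromisoformat(image_list["expires"]):
        return False, "image list expired"
    entry = next((i for i in image_list["images"] if i["id"] == image_id), None)
    if entry is None:
        return False, "image not in list"
    if not hmac.compare_digest(sha512_of(stream), entry["sha512"].lower()):
        return False, "sha512 mismatch"
    return True, "ok"

if __name__ == "__main__":
    now = datetime(2024, 1, 1, tzinfo=timezone.utc)
    print(may_instantiate(IMAGE_LIST, ENDORSER, "sl6-base", io.BytesIO(IMAGE_BYTES), now))
    print(may_instantiate(IMAGE_LIST, ENDORSER, "sl6-base", io.BytesIO(IMAGE_BYTES + b"x"), now))
```

The order of the checks matters: the hash in the list is only meaningful once the list itself is known to come from a subscribed endorser and to be unexpired.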
Sharing virtual machine images is a common action in some cloud computing environments. Such techniques mainly focus on two aspects of security: 1) security of running instances, and 2) integrity and privacy of customer data [30]. Image repositories, where the image files are actually deposited, must be carefully managed and controlled to avoid security problems. Since an image can contain proprietary source code and sensitive data, the provider of an image faces risks [31]. Conversely, an attacker may attempt to supply a virtual machine image containing malware, posing risks to users of a cloud computing system [32]. Virtual machines and applications need to be secured in IaaS clouds. Following policies and procedures, hardening of the operating system and applications should occur to produce virtual machine images for deployment. Care must also be taken to make adjustments for the virtualized environments in which the images run. Managing virtual machine images carefully is therefore also important to avoid accidentally deploying images containing vulnerabilities [31].
3 Virtual Machine Image Catalogue System
Since the production of image files is rising steadily, sharing virtual machine images has become commonplace around the world. Users can easily construct a new virtual machine from shared images; however, finding a suitable image file entails a lot of work.
Therefore, helping people obtain the image files they want from numerous resources is an essential requirement. In this thesis, we propose the Virtual Machine Image Catalogue system (VMIC) to fulfill this requirement. CERN and the HEPiX Virtualization Working Group published the concept of an image catalogue system at the HEPiX fall meeting in 2009, and realized a draft system and web interface to provide a simple service. In 2011, CERN and ASGC started to cooperate on this virtual machine image catalogue project to improve the original system and add new functions to reach high performance. In this chapter, we introduce the system structure of VMIC and its functionalities.