virtualization
play

Virtualization && (and) || (or) ^^ (exor) Security Usual OS - PowerPoint PPT Presentation

Jan 01, 2024 •428 likes •614 views

Virtualization && (and) || (or) ^^ (exor) Security Usual OS diagram Traditional kernel: Control HW access CPU (timesharing) (virtual) memory Disk (File system) Devices (net, console, video, audio etc) Kernel

  1. Virtualization && (and) || (or) ^^ (exor) Security

  2. Usual OS diagram ● Traditional kernel: – Control HW access ● CPU (timesharing) ● (virtual) memory ● Disk (File system) ● Devices (net, console, video, audio etc) Kernel – IPC/signals – Low-level network App – Identity mgmt (UID/GID) App “virtual security”; CERN multicore & virtualization workshop 09 - 2

  3. VM-in-a-box Add: ● Hypervisor (HW access) ● Network (virtual) ● “Controlling” Hypervisor Hypervisor dom0 Virtual bridge Virtual bridge Kernel Kernel Kernel App App App App dom0 dom0 “virtual security”; CERN multicore & virtualization workshop 09 - 3

  4. Wait, there is more.. VM images Hypervisor Virtual bridge VM control Kernel App VM agent App dom0 “virtual security”; CERN multicore & virtualization workshop 09 - 4

  5. .. and more User VM User VM VM images Paravirt drivers Hypervisor Hypervisor Virtual bridge PV Virtual bridge PV VM control Kernel Kernel App App VM agent VM agent VM agent App App dom0 dom0 “virtual security”; CERN multicore & virtualization workshop 09 - 5

  6. VMs: “virtual” security General: new code, new interfaces = new attacks. – VMs are inherently less secure --- all other things being equal – More code, more interfaces = more “attack surface” – Typically “all other things” not equal. VMs provide scope for more secure configurations – Potentially less impact of a vulnerability/exploit – containment might offset complexity – So need to compare before/after .. “virtual security”; CERN multicore & virtualization workshop 09 - 6

  7. Examples applications from same Kernel machine (or trust zone) App go into separate VMs App → more secure applications from Kernel Unknown VM different trust zones go App Kernel into same hypervisor →less secure App “virtual security”; CERN multicore & virtualization workshop 09 - 7

  8. VM-specific attack points ● VM escape : break out of VM, into hypervisor or host OS = access to other VMs. (rare) ● “Paravirtual” drivers: (tradeoff: speed vs “virtual”) Ex. Xen PVFB, Vmware tools, .. ● “VM network”: – sniffing, IP-spoofing, ARP-spoofing, DoS... ● Controlling infrastructure Virtual bridge – homegrown or vendor-supplied – remote reset, “elastic” things... Ex: HyperVM/VAserv 100k sites deleted. VM control “virtual security”; CERN multicore & virtualization workshop 09 - 8

  9. Other security issues around VMs ● Access to VM images – Storage/transit: secure? encrypt? (who trusts whom?) VM images – Persistent changes to image (or not?) - sandbox? – Patching – when, by whom? ● Potentially easy on trusted guests ● Unknown on user-supplied = “museum system” (Difficult on hypervisors - migration or downtime) ● Snapshot images – full memory dump, incl password/certs.. ● “Privileged” network access via host? “ Nobody is using IP-based access controls nowadays! ” Wrong .. LHC-OPN, NFS et.al., site firewalls - & Reputation! “virtual security”; CERN multicore & virtualization workshop 09 - 9

  10. Other security considerations ● (user/job) credentials in the VM? – Easy for “trusted” images ● re-use existing tools, get at runtime from LSF/Batch/MyProxy/.. – Harder for “clouds” - no standard ● (typically pushed to VM owner/user) “virtual security”; CERN multicore & virtualization workshop 09 - 10

  11. Crucial point: “ trust ” the VM? ● “ Trusted ” VM: →minimal operational changes ● Admin access restricted, similar to physical machines + – Can trust kernel access control, UID/GIDs, local logging, network config.. = additional layer ● operating system is maintained/patched ● Inventory control/tracking ● Batch, Accounting, resource quotas work (machine-local tools) ● (Might contain 3rd-party SW) ● untrusted/ user-supplied VM: ● Trust boundary shifts to hypervisor ↔ guest kernel or ● Full access to “virtual network” (bridge/NAT) ● Batch/accounting/quota tasks shift to hypervisor “virtual security”; CERN multicore & virtualization workshop 09 - 11

  12. Trust, cont. “ experiment ” ● trusted-third-party VM? ● “Historically difficult” to get single SW version from experiments (internal fragmentation = no single “production” version) ● Different focus: functionality+stability vs security – Series of “frozen” releases, patching unlikely – Expect “service creep” - maintainer cannot refuse new things – Deployment is open issues – push to sites, cache ,.. ● CERNVM-style might be a solution - pull in exp sw as needed (but keep OS under site control) Choice depends on “virtual” focus: ● Efficiency vs Flexibility vs Control Corollary: how to track even “trusted” images over time? Sign+Expire? image+mod-on-boot? “virtual security”; CERN multicore & virtualization workshop 09 - 12

  13. “HEP sites” stance ● Question at HEPIX (May 2009, Umeå/SE): – What is the “HEP site” stance on user-supplied images? (“cloud”-style image vs grid-job-style computing) ● Discussion summary: – Pure “user-images” seem to be out – no real use case so far, huge impact on site networking setup. Eventually: perhaps in fully-contained sandbox (i.e. no network at all) – Experiment-images: might come but lots of open questions – Site-internal images – lots of interest from sites “virtual security”; CERN multicore & virtualization workshop 09 - 13

  14. What are others doing or: are sites too paranoid? ● AMAZON EC2, FlexiScale, Rackspace etc – All take user-supplied images.. – Well-known AMIs configure “ownership on boot”. Nothing more. ● Model: “hosting service” != HEP computing – Usually: passive protection of guest ● Xen (customized) + paravirt guests; effort on virtual net ● Inbound firewall on hypervisor (but can open) ● Good recommendations but “VM security not their problem ”. – Economic incentive against active attacks: ● $$/network, $$/CPU, take offline, owner's credit card. “virtual security”; CERN multicore & virtualization workshop 09 - 14

  15. (commercial) cloudy security ● see D.Kelsey talk at HEPIX09 - http://indico.cern.ch/contributionDisplay.py?contribId=60&sessionId=13&confId=45282 Goes beyond purely technical arguments ● Trust: – “Predictable, dependable, responsible, honest, reliable behaviour” – From experience/collaboration or policies ● Policy (provider vs Grid): – usage terms/license vs various Grid policies ● (incident reaction, notification procedures etc) – Legalese – authority to sign contract for your organization? “virtual security”; CERN multicore & virtualization workshop 09 - 15

  16. Summary Lots of benefits from virtualization.. – Security perhaps isn't the strongest. But: also lots of new complexity – Nothing fundamentally challenging, but ... – lots of issues to consider ... – ... ideally before deployment. “virtual security”; CERN multicore & virtualization workshop 09 - 16

  17. Virtual use cases (see “your standard intro to VMs” for hypervisor, guest, dom0, domU, image, Type-1, Type- ● 2, para vs full, ..); not talking about “OS compartments”, chOS, emulators etc – but concepts are similar. And “Virtualization” is an old concept... ● General “virtual” use cases: – Efficiency – pool underused machines – HA – live migration, “hide” interventions – Load balancing - “elastic” supply – Security: segregation, containment, honeypots ● HEP-specific: – Batch job segregation (CHEP – KIT/HTW) – Analysis environment, “VO appliance” (ATLAS/PANDA) – “Clouds”, User-supplied images (CERNVM)? “virtual security”; CERN multicore & virtualization workshop 09 - 17

  18. (interesting) Incident Investigation Impact (ideas) ● Prevention: – Restrictive network access != HEP/Grid ? (various callbacks, experiment monitoring etc) Patching? Compliance checking? ● Detect: NIDS. – HyIDS – hypervisor as (N)IDS – interesting idea – How to profile behaviour for unknown images? ● Forensics – Snapshot: good (but: who gets access?) – Unreliable local audit: bad – Yet another dimension: which VM was running? “virtual security”; CERN multicore & virtualization workshop 09 - 18

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Virtualization Virtualization Memory virtualization Process feels like it has its own

Virtualization Virtualization Memory virtualization Process feels like it has its own

4/25/08 Virtualization Virtualization Memory virtualization Process feels like it has its own address space Created by MMU, configured by OS Storage virtualization Logical view of disks connected to a machine External

441 views • 8 slides
Virtualization What is Virtualization? Virtualization is the simulation of the software and/

Virtualization What is Virtualization? Virtualization is the simulation of the software and/

Virtualization What is Virtualization? Virtualization is the simulation of the software and/ or hardware upon which other software runs. This simulated environment is called a virtual machine --Wikipedia 2 Computer Systems Arch.

1.26k views • 26 slides
AMD Pacifica Virtualization Technology AMD Unveils Virtualization Platform AMD Pacifica

AMD Pacifica Virtualization Technology AMD Unveils Virtualization Platform AMD Pacifica

AMD Pacifica Virtualization Technology AMD Unveils Virtualization Platform AMD Pacifica Tutorial 2 Virtual Machine Approaches Carve a Server into Many Virtual Machines Hosted Hypervisor-based Virtualization Virtualization App App

539 views • 18 slides
Virtualization and SDN Applications 2 Virtualization Network Virtualization Sharing

Virtualization and SDN Applications 2 Virtualization Network Virtualization Sharing

4/1/2013 Virtualization and SDN Applications 2 Virtualization Network Virtualization Sharing physical hardware or software resources by Share physical network resources to form multiple multiple users and/or use cases diverse virtual

511 views • 5 slides
4/22/2009 Virtualization Memory virtualization Process feels like it has its own address

4/22/2009 Virtualization Memory virtualization Process feels like it has its own address

4/22/2009 Virtualization Memory virtualization Process feels like it has its own address space Created by MMU, configured by OS Distributed Systems Storage virtualization Logical view of disks connected to a machine

407 views • 3 slides
Virtualization. A dream within a dream Type 1 Virtualization Hypervisor run on bare

Virtualization. A dream within a dream Type 1 Virtualization Hypervisor run on bare

Virtualization. A dream within a dream Type 1 Virtualization Hypervisor run on bare metal. Dedicated virtualization machine. Higher performance. Typical for servers. Type 2 Virtualization Hypervisor sits on

571 views • 17 slides
Virtualization and Containerization What is Virtualization? What is Containerization? What does

Virtualization and Containerization What is Virtualization? What is Containerization? What does

Virtualization and Containerization What is Virtualization? What is Containerization? What does this do for us? Virtual Machines: Terminology Types of Hypervisors VirtualBox and VMWare

2.8k views • 30 slides
Virtualization Technology Zhiming Shen Virtualization: rejuvenation 1960s: first track of

Virtualization Technology Zhiming Shen Virtualization: rejuvenation 1960s: first track of

Virtualization Technology Zhiming Shen Virtualization: rejuvenation 1960s: first track of virtualization Time and resource sharing on expensive mainframes IBM VM/370 Late 1970s and early 1980s: became unpopular Cheap

924 views • 34 slides
Hardware / Virtualization / Architectures Foundations of the cloud Implementing Virtualization

Hardware / Virtualization / Architectures Foundations of the cloud Implementing Virtualization

Hardware / Virtualization / Architectures Foundations of the cloud Implementing Virtualization Technologies Cloud Computing relies heavily on the concept of virtualization In fact not possible without it. But they are separate

835 views • 32 slides
Linux Virtualization Kir Kolyshkin <kir@openvz.org> OpenVZ project manager What is

Linux Virtualization Kir Kolyshkin <kir@openvz.org> OpenVZ project manager What is

Linux Virtualization Kir Kolyshkin <kir@openvz.org> OpenVZ project manager What is virtualization? Virtualization is a technique for deploying technologies. Virtualization creates a level of indirection or an abstraction layer between a

388 views • 27 slides
IO Virtualization Kedar & Ozzie Overview Benefits Challenges Full Virtualization

IO Virtualization Kedar & Ozzie Overview Benefits Challenges Full Virtualization

IO Virtualization Kedar & Ozzie Overview Benefits Challenges Full Virtualization Paravirtualization Front-ends, Back-ends Pass through mode Virtualization : Review Create a Virtual machine that can emulate

327 views • 20 slides
Introduction to Virtual Machines Carl Waldspurger (SB SM 89 PhD 95) VMware R&D Overview

Introduction to Virtual Machines Carl Waldspurger (SB SM 89 PhD 95) VMware R&D Overview

Introduction to Virtual Machines Carl Waldspurger (SB SM 89 PhD 95) VMware R&D Overview Virtualization and VMs Processor Virtualization Memory Virtualization I/O Virtualization I/O Virtualization Types of Virtualization

574 views • 33 slides
KVM MMU Virtualization Xiao Guangrong <xiaoguangrong@cn.fujitsu.com> Index What is MMU

KVM MMU Virtualization Xiao Guangrong <xiaoguangrong@cn.fujitsu.com> Index What is MMU

KVM MMU Virtualization Xiao Guangrong <xiaoguangrong@cn.fujitsu.com> Index What is MMU Virtualization? How to implement MMU Virtualization? How to optimize MMU Virtualization? What will I do? 2 What is MMU Virtualization

621 views • 28 slides
Distributed Systems Virtualization Paul Krzyzanowski pxk@cs.rutgers.edu Except as otherwise

Distributed Systems Virtualization Paul Krzyzanowski pxk@cs.rutgers.edu Except as otherwise

Distributed Systems Virtualization Paul Krzyzanowski pxk@cs.rutgers.edu Except as otherwise noted, the content of this presentation is licensed under the Creative Commons Attribution 2.5 License. Virtualization Memory virtualization

471 views • 15 slides
A Fault Tolerant Virtualization Server Based on Xen Jrgen Gro Virtualization Kernel

A Fault Tolerant Virtualization Server Based on Xen Jrgen Gro Virtualization Kernel

A Fault Tolerant Virtualization Server Based on Xen Jrgen Gro Virtualization Kernel Developer SUSE Linux GmbH, jgross@suse.com Status Quo Standard Xen Virtualization Server dom0 HVM pv Net- Block- xenstore qemu backend backend

421 views • 23 slides
Network Virtualization What is Network Virtualization? Abstraction of the physical network

Network Virtualization What is Network Virtualization? Abstraction of the physical network

Network Virtualization What is Network Virtualization? Abstraction of the physical network Support for multiple logical networks running on a common shared physical substrate A container of network services Aspects of the

589 views • 21 slides
CNT5410 - Computer and Network Security Review/Wrapup Professor Kevin Butler Fall 2015 Florida

CNT5410 - Computer and Network Security Review/Wrapup Professor Kevin Butler Fall 2015 Florida

CNT5410 - Computer and Network Security Review/Wrapup Professor Kevin Butler Fall 2015 Florida Institute for Cyber Security (FICS) Review What did we talk about this semester? Cryptography secret vs public-key key exchange

828 views • 18 slides
A Strategy for Security Testing Industrial Firewalls Thuy D. Nguyen Steve C. Austin Cynthia E.

A Strategy for Security Testing Industrial Firewalls Thuy D. Nguyen Steve C. Austin Cynthia E.

A Strategy for Security Testing Industrial Firewalls Thuy D. Nguyen Steve C. Austin Cynthia E. Irvine Department of Computer Science Naval Postgraduate School December 10, 2019 Nguyen, Austin, Irvine (NPS) Security Testing ICS Firewalls 1

643 views • 35 slides
The Dark Side of Operational Wi-Fi Calling Services Tian Xie 1 , Guan-Hua Tu 1 , Chi-Yu Li 2 ,

The Dark Side of Operational Wi-Fi Calling Services Tian Xie 1 , Guan-Hua Tu 1 , Chi-Yu Li 2 ,

The Dark Side of Operational Wi-Fi Calling Services Tian Xie 1 , Guan-Hua Tu 1 , Chi-Yu Li 2 , Chunyi Peng, Mi Zhang 1 1 Michigan State University 2 National Chiao Tung University 3 Purdue University Wi-Fi Calling Services Wi-Fi Calling

621 views • 31 slides
New developments on BREACH Dimitris Karakostas, Dionysis Zindros Stanford, Real World Crypto

New developments on BREACH Dimitris Karakostas, Dionysis Zindros Stanford, Real World Crypto

New developments on BREACH Dimitris Karakostas, Dionysis Zindros Stanford, Real World Crypto 2016 Overview BREACH review Our contributions Statistical attacks Attacking block ciphers Attacking noise Optimization

477 views • 33 slides
ARP Address Resolu,on Protocol Security Joo Paulo Barraca

ARP Address Resolu,on Protocol Security Joo Paulo Barraca

ARP Address Resolu,on Protocol Security Joo Paulo Barraca jpbarraca@ua.pt 1 Networking Basics Communica,on in packet networks rely on several

319 views • 20 slides
Atlan?cWave-SDX: An Interna?onal SDX to Support Science Data Applica?ons Jeronimo A. Bezerra and

Atlan?cWave-SDX: An Interna?onal SDX to Support Science Data Applica?ons Jeronimo A. Bezerra and

Atlan?cWave-SDX: An Interna?onal SDX to Support Science Data Applica?ons Jeronimo A. Bezerra and Joaqun Chung <jbezerra@fiu.edu>, <joaquin.chung@gatech.edu> Outline Introducing LSST as an Use Case Presen?ng LSST

371 views • 18 slides
NuFirewall Open-source authenticating firewall NuFirewall - RMLL 2010 NuFirewall - RMLL 2010

NuFirewall Open-source authenticating firewall NuFirewall - RMLL 2010 NuFirewall - RMLL 2010

NuFirewall Open-source authenticating firewall NuFirewall - RMLL 2010 NuFirewall - RMLL 2010 Who's that guy ? Eric Leblond CTO EdenWall Technologies NuFW project leader Netfilter developper Ulogd2 maintener Regit

1.06k views • 24 slides
IoT, SDR, and Car Security Aaron Luo Who am I Aaron Luo Come from Taiwan Start

IoT, SDR, and Car Security Aaron Luo Who am I Aaron Luo Come from Taiwan Start

IoT, SDR, and Car Security Aaron Luo Who am I Aaron Luo Come from Taiwan Start security research since 15 th Community Experience CHROOT/HITCON (security group) - member III,CSIST (government organizations) - training course

1.36k views • 110 slides

More recommend