If cloud users are not satisfied with the services provided by the
current cloud provider due to security or performance reasons, they
should have the capability to de-provision the virtual machines from
the unsatisfactory cloud provider and provision them on a new cloud
provider of their choice. Users may need to migrate from one virtual
machine to another in real time, so as to provide a seamless computing experience for the end users.
These needs translate to the following security requirements:
• the capability to monitor the status of virtual machines and generate instant alerts (No. 11),
• the capability for the user to migrate virtual machines (in non-real
time) from one cloud provider to another (No. 12), and
• the capability to perform live migration of VMs from one cloud
provider to another or from one cloud region to another (No. 13).
Tools to continuously monitor the vulnerabilities or attacks on virtual machines running on a server have already been developed or are
under development by many vendors, and hence the first of the above
requirements can be easily met. Large-scale adoption of virtual
machine import format standards such as Open Virtualization Format (OVF)
will enable the user to rapidly provision virtual machines into one
cloud provider environment and de-provision them at another cloud
provider environment that the cloud user no longer needs,
and thus meet the second requirement above.
Further, a virtual machine migrated using a common import format should not require extensive time to reconfigure under the new
environment. Hence common runtime formats are also required to
enable the newly migrated virtual machine to start execution in the
new environment. Live migration of virtual machines (in situations of
peak loads) is now possible only if the source and target virtual
machines run on physical servers with the same instruction set architecture (ISA). The industry is already taking steps to address this limitation.
However, since the majority of virtualized environments run the x86
ISA, this is not a major limitation.
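The three requirements above (status monitoring with instant alerts, non-real-time migration through a common import format, and live migration constrained to hosts with the same ISA) can be modelled in a few lines of code. The following is an added illustration, not code from the article or from any NIST tool: the status samples are constructed, the `VMStatusMonitor` class, the `run_monitor` and `plan_migration` functions, and the CPU threshold and "three consecutive bad samples" alert rule are all assumptions chosen for the example, and the format name `"ovf"` stands in for whatever import format the target provider accepts.

```python
from dataclasses import dataclass, field

# Constructed sample stream of VM status samples: (vm_id, cpu_pct, responsive).
# vm-1 shows a single CPU spike that should NOT alert (debounced),
# vm-2 goes unresponsive and later recovers, vm-3 has sustained high load.
SAMPLES = [
    ("vm-1", 95.0, True),
    ("vm-1", 40.0, True),
    ("vm-2", 10.0, False),
    ("vm-2", 10.0, False),
    ("vm-2", 10.0, False),
    ("vm-3", 92.0, True),
    ("vm-3", 97.0, True),
    ("vm-3", 99.0, True),
    ("vm-2", 12.0, True),
]


@dataclass
class VMStatusMonitor:
    """Requirement No. 11: watch VM status and raise instant alerts.

    A VM is 'bad' when it is unresponsive or its CPU use is at or above
    cpu_threshold. To avoid alert storms on momentary spikes, an alert fires
    only after `consecutive` bad samples in a row, and a recovery message is
    emitted once an alerted VM reports a healthy sample again.
    """
    cpu_threshold: float = 90.0   # assumed threshold for the example
    consecutive: int = 3          # assumed debounce window (samples)
    _streak: dict = field(default_factory=dict)
    _alerted: set = field(default_factory=set)

    def ingest(self, vm_id, cpu_pct, responsive):
        bad = (not responsive) or cpu_pct >= self.cpu_threshold
        if not bad:
            self._streak[vm_id] = 0
            if vm_id in self._alerted:
                self._alerted.discard(vm_id)
                return f"RECOVERED {vm_id}"
            return None
        self._streak[vm_id] = self._streak.get(vm_id, 0) + 1
        if self._streak[vm_id] >= self.consecutive and vm_id not in self._alerted:
            self._alerted.add(vm_id)
            reason = "unresponsive" if not responsive else f"cpu={cpu_pct:.0f}%"
            return f"ALERT {vm_id}: {reason}"
        return None


def run_monitor(samples, **kwargs):
    """Feed every sample through one monitor and collect the alerts it emits."""
    mon = VMStatusMonitor(**kwargs)
    return [msg for msg in (mon.ingest(*s) for s in samples) if msg]


def plan_migration(source_isa, target_isa, target_import_formats):
    """Requirements No. 12 and 13: pick a migration mode the constraints allow.

    Live migration (No. 13) is only possible when the source and target
    physical servers share an ISA. Otherwise the VM can still be moved in
    non-real time (No. 12) by exporting it in a common import format the
    target accepts; if neither applies, the move is not possible as stated.
    """
    if source_isa == target_isa:
        return "live"
    if "ovf" in {fmt.lower() for fmt in target_import_formats}:
        return "export-import (ovf)"
    return None


if __name__ == "__main__":
    for line in run_monitor(SAMPLES):
        print(line)
    print(plan_migration("x86", "x86", []))
    print(plan_migration("x86", "arm", ["OVF"]))
```

Run over the constructed samples, the monitor emits one alert for vm-2 (unresponsive), one for vm-3 (sustained load) and then a recovery for vm-2; the spike on vm-1 is suppressed by the debounce window. The planner returns `"live"` for matching ISAs and falls back to the export/import path only when the target advertises the common format.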
With respect to standards and cloud security readiness, we have made
four major observations.
First, some requirements are already met today using existing standards (such as Federation protocols for authentication) and technologies (automatic real-time duplication of data for disaster recovery).
Second, some requirements can be met if there is more market support
for existing standards (XACML and SPML for user provisioning, Open
Virtualization Format for virtual machine migration). Third, some
requirements such as data location and non-multi-tenancy can be met
by restructuring cost models for associated cloud service offerings.
And fourth, some requirements can only be met by developing new
standards (common runtime formats for virtual machines, common
APIs for migration of data from one cloud storage provider to another).
While cloud computing presents these challenges, it has the potential
to revolutionize how we use information technology and how we
manage datacenters. The impact may be enormous with respect to IT
cost reduction and increased rapidity and agility of application
deployment. Thus, it is critical that we investigate and address these security
issues. While some issues may have ready answers (such as existing
security standards), others may be more problematic (such as threat
exposure due to multi-tenancy).
Dr. Ramaswamy Chandramouli is a supervisory computer scientist in
the Computer Security Division, Information Technology Laboratory at
NIST. He is the author of two textbooks and more than 30 peer-reviewed publications in the areas of role-based access control models,
model-based test development, security policy specification and validation, conformance testing of smart card interfaces and identity management. He holds a PhD in information technology security from
George Mason University.
Peter Mell is a senior computer scientist in the Computer Security Division at NIST, where he is the cloud computing and security project lead, as well as vice chair of the interagency Cloud Computing Advisory Council. He is also the creator of the United States National
Vulnerability Database and lead author of the Common Vulnerability Scoring System (CVSS) version 2 vulnerability metric used to secure
credit card systems worldwide.
Spring 2010/ Vol. 16, No. 3