preview

Virtualization : The Universal Threats Of Virtual Machine Security

Good Essays
Virtual Machine Security
Though the universal adoption of virtualization is a fairly fresh phenomenon, threats to the virtualized environment are progressing rapidly. The hypervisor and virtual machines that are used used by SaaS vendors may also have vulnerabilities as shown in (Amazon Elastic Compute Cloud, 2012). Such exposures signifies an even more severe difficulty in multi-tenant environments such as in the field involved, where if there compromise of even one virtual machine can distress all users on the same server. Virtualization is among the main constituents of a cloud but it key security risks. Guaranteeing that unlike occurrences running on the same machine are separated from each other is a major task of virtualization
…show more content…
Traffic encryption techniques such Socket Layer and Transport Layer Security (TLS) for security are commonly used.
Cloud Standards The right Clouds standards are obligatory in developing different organizations in order achieve interoperability among clouds and to boost their security as well as stability. A perfect example is inconsistency of storage services by the provider with those of other providers (DTMF, 2013). This usually happens when the providers aim at retaining their customers. Cloud vendors are obligated to come up with ‘sticky services’ which will make it impossible for the user in case they want to move to another provider, like Google storage cannot match with Amazon S3 (Snia, 2013). Lack of dedicated cloud standards can cause confusion to cloud users which is something that should be addressed in future.
Data Segregation
As earlier stated, personal data is very delicate and should be privately kept. With multitenancy in cloud computing, privacy of data may not be achieved (OGF, 2010). This occurs when multiple users use SaaS application to store their data in cloud computing. As a result, data of the certain users could be stored in the same location which makes attack of data possible. This is possible whereby injecting client’s code into the system or simply by hacking through the loop holes (Cloud security Alliance, 2009). It is
Get Access