Threat modeling of para-virtualized environments

Abstract

Organizations are looking at various cost effective methods to reduce the overall cost of data storage systems. This measure is taken essentially to reduce the hardware that is currently being used for hosting servers. In recent years, the organizations around the world have looked at various options such as parallel computing and grid computing. However, these techniques have not been implemented in organizations due to their limitations. Virtualization is a new technique that is being adopted by system administrators to overcome the hardware issues within a computer network. Virtualization has the main advantages such as secure logging and terra architecture which enhances overall performance of the server and effectively reduces the cost. Virtualization can be broadly classified into 2 types: Full Virtualization and Para-Virtualization. As, with every new technology that comes into existence, there arise the security concerns associated with it. This thesis addresses the growing security concerns associated with Virtual Machines (VM's) in a Para-virtualized environment. Some of the most common threats are Denial of Resource Attack, Sniffing Attack, and Authentication and Authorization issues. Thus, it becomes essential to derive a threat model so that these issues are identified based on their severities and addressed more effectively with appropriate security algorithms. This thesis provides the readers an insight to modeling threats, analyzing threat parameters, deriving risk equations, and validating the results.