Investigating the possibility of data leakage in time of live VM migration

Abstract

Virtual machine migration is a powerful technique used to balance the workload of hosts in environments such as a cloud data center. In that technique, VMs can be transferred from a source host to a destination host due to various reasons such as maintenance of the source host or resource requirements of the VMs. The VM migration can happen in two ways, live and offline migration. In time of live VM migration, VMs get transferred from a source host to a destination host while running. In that situation, the state of the running VM and information such as memory pages get copied from a host and get transferred to the destination by the VM migration system. There exist security risks toward the migrating VM’s data integrity and confidentiality. After a successful VM migration, the source host shall remove the memory pages of the migrated VM. However there should be a mechanism for the owner of the VM to make sure his VM’s memory pages and information are removed from the source host’s physical memory. On the other hand, the memory portion on the destination host shall be clear from previously used VM’s data and possibly malicious codes. In this chapter, we investigate the possibility of misuse of migrating VM’s data either in transit or present at source and destination during the VM migration process. Based on the investigations, we give a proposal for a secure live VM migration protocol.