Toward agent based inter-VM traffic authentication in a cloud environment

Abstract

Ubiquitous simply means being everywhere. The concept of Cloud Computing (CC) further strengthens the idea of Ubiquitous computing. On the other hand, one of the key enablers of CC is Virtualization. However, with the many advantages of virtualization comes certain limitations, especially related to security. Virtualization vulnerabilities and more specifically isolation, creates new targets for intrusion due to the complexity of access and difficulty in monitoring all interconnection points between systems, applications, and data sets. Hence, without strict control put in place within the Cloud, guests could violate and bypass security policies, intercept unauthorized client data, and initiate or become the target of security attacks. This article discusses the security and the visibility issues of inter-VM traffic, by proposing a solution for it within the Cloud context. The proposed approach provides Virtual Machines (VMs) authentication, communication integrity, and enforces trusted transactions, through security mechanisms, structures, policies, and various intrusion detection techniques.