Designing Efficient Security Services Infrastructure for Virtualization Oriented Architectures

Abstract

Virtualization technologies are emerging as a promising solution for managing the rapidly growing complexities of modern distributed ICT infrastructures. However, a mainstream operational concern for these virtualization oriented architectures is to provide efficient security services. Establishment of in-depth security services and trust relationships are the most desirable features for the effective functioning of these systems. This chapter presents a security architecture to address the comprehensive security needs of today’s virtualization oriented architectures. The concept of virtualization of security services is introduced so as to have absolute freedom to choose the underlying security mechanisms. This concept of virtualization of security services is realized through distributed virtual engines that enable unification of security service calls according to requirements and not according to the underlying technologies. A configurable mechanism for the invocation of security services is proposed to address the security needs of different kinds of users. This approach permits the evolution of efficient security infrastructure with minimal impact on the resource management functionalities. In this way, users and resource providers can configure the security services according to their requirements and satisfaction level. The resulting extensible set of security services include both core security services and contemporary security services required for the modern virtualization oriented infrastructures.