Virtual Machine Image Security in Cloud Computing

Virtual machine images must have high integrity because the initial state of every virtual machine in the cloud is determined by some image. However, as some of the benefits of the cloud depend on users employing images built by third parties, users must also be able to share images safely. To address the risks faced by administrators and users, we propose the first image management system that controls access to images, tracks the provenance of images, and provides users and administrators with efficient image filters and scanners that detect and repair security violations. An early implementation of the system achieves efficiency by exploiting redundancy among images.

Papers:

1. Jinpeng Wei, Xiaolan Zhang, Glenn Ammons, Vasanth Bala, and Peng Ning. "Managing Security of Virtual Machine Images in a Cloud Environment". In Proceedings of the 2009 ACM Cloud Computing Security Workshop (CCSW), co-located with the 16th ACM Conference on Computer and Communications Security (CCS), Chicago, IL, Nov. 9-13, 2009. Full paper (330 KB), Slides (156 KB).