UNIVERSITY OF DAR ES SALAAM
COMPUTER SCIENCE AND ENGINEERING
ASSIGNMENT
GROUP MEMBERS
S/N  NAME  REGISTRATION NUMBER
1.  SHABANI HAMISI SAID  2024-04-10143, CEIT
2.  IZRAEL CHARLES  2024-04-01025, CEIT
3.  IRENE MATHIAS  2024-04-05895, CEIT
Virtualization and Cloud Computing
What is Cloud Computing?
Cloud computing:
– Internet-based computing
– Large groups of remote servers are networked
– Sharing of data-processing tasks, centralized data storage, computer services and resources
– Any computer-related task that is done entirely on the Internet
What is Cloud Computing?
● Allows users to deal with the software without having the hardware.
● Everything is done remotely; nothing is saved locally.
Cloud Computing Components
Fig. 1 Cloud Computing Components [5]
Characteristics
● Empowerment
● Agility and API
● Cost and Security
● Device and location independence
● Visualization
● Multi-tenancy
● Reliability and Maintenance
● Scalability and Elasticity
Fig. 2 How Cloud Computing Works [6]
Service Models
● Infrastructure as a Service (IaaS)
– Basic, service users maintain software
● Platform as a Service (PaaS)
– Users are given software and hardware automatically
● Software as a Service (SaaS)
– All software and hardware is transparent
– User only knows their own access point
Fig. 3 Service Models of Cloud Computing [7]
Deployment Models
● Public cloud
– Done by service providers
● Community cloud
– Organizations from a specific community with common concerns
● Private cloud
– Operated solely for a single organization
● Hybrid cloud
– Composition of two or more clouds (private, community or public)
● Private Cloud Rentals
– Option to consider when security is a concern
Architecture
● The software systems involved in the delivery, communicating over a loose coupling mechanism
● The Inter-cloud
– The Inter-cloud is an interconnected global "cloud of clouds" and an extension of the Internet
Fig. 4 Cloud Architecture [8]
Cloud Engineering
● The application of engineering disciplines to cloud computing
● High level concerns
– Commercialization
– Standardization
● Governance in
– Conceiving
– Developing
– Operating
– Maintaining
Security and privacy
● Data protection
● Physical Control
● Identity management
● Physical and personnel security
● Availability
● Application security
● Privacy
● Legal issues
Cloud Clients
● Google Chromebook
● Web browsers
● Company specific applications
Advantages
● Cloud everyday use
● To save huge amounts of data
● Easier to maintain information
● Makes security easy
● Maintainability and sustainability are better
• Virtualization is the ability to run multiple
operating systems on a single physical system and
share the underlying hardware resources.
• It is the process by which one computer hosts the
appearance of many computers.
• Virtualization is used to improve IT throughput and
costs by using physical resources as a pool from
which virtual resources can be allocated.
Virtualization architecture
• A Virtual machine (VM) is an isolated runtime
environment (guest OS and applications)
• Multiple virtual systems (VMs) can run on a single
physical system
Hypervisor
• A hypervisor, a.k.a. a virtual machine
manager/monitor (VMM), or virtualization manager, is
a program that allows multiple operating systems to
share a single hardware host.
• Each guest operating system appears to have the
host's processor, memory, and other resources all to
itself. However, the hypervisor is actually controlling
the host processor and resources, allocating what is
needed to each operating system in turn and making
sure that the guest operating systems (called virtual
machines) cannot disrupt each other.
Benefits of Virtualization
• Sharing of resources helps cost reduction
• Isolation: Virtual machines are isolated from each other
as if they are physically separated
• Encapsulation: Virtual machines encapsulate a
complete computing environment
• Hardware Independence: Virtual machines run
independently of underlying hardware
• Portability: Virtual machines can be migrated between
different hosts.
Virtualization in Cloud Computing
Cloud computing takes virtualization one step further:
• You don’t need to own the hardware
• Resources are rented as needed from a cloud
• Various providers allow creating virtual servers:
– Choose the OS and software each instance will have
– The chosen OS will run on a large server farm
– Can instantiate more virtual servers or shut down existing
ones within minutes
• You get billed only for what you used
Virtualization Security Challenges
The trusted computing base (TCB) of a virtual machine is
too large.
• TCB: A small amount of software and hardware that
security depends on and that we distinguish from a
much larger amount that can misbehave without
affecting security*
• A smaller TCB means more security
Xen Virtualization Architecture and the Threat Model
• Management VM – Dom0
• Guest VM – DomU
• Dom0 may be malicious
– Vulnerabilities
– Device drivers
– Careless/malicious administration
• Dom0 is in the TCB of DomU because it can access the memory of DomU, which may cause information leakage/modification
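The TCB statement above can be checked mechanically. This added example (not from the original slides or from Xen) computes DomU's TCB as every component with a control path to it; the component names other than Dom0 and DomU, the edges, and the REDUCED layout are assumptions made for illustration.

```python
# Added illustration: component names and access edges are constructed for this
# example; they are not taken from Xen source code.
from collections import deque

def tcb_of(target, can_control):
    """Return every component that can reach `target` through control edges.

    can_control maps a component to the set of components whose memory or
    execution it can read or modify. Anything with a path to the target must
    be trusted by the target, so it belongs to the target's TCB.
    """
    # Reverse the edges so we can walk from the target back to its controllers.
    controlled_by = {}
    for src, dsts in can_control.items():
        for dst in dsts:
            controlled_by.setdefault(dst, set()).add(src)
    seen, queue = set(), deque([target])
    while queue:
        node = queue.popleft()
        for parent in controlled_by.get(node, ()):
            if parent not in seen and parent != target:
                seen.add(parent)
                queue.append(parent)
    return seen

# Layout described on the slide: Dom0 can access DomU memory.
ACTUAL = {
    "hardware": {"hypervisor"},       # everything above trusts the hardware
    "hypervisor": {"Dom0", "DomU"},
    "Dom0": {"DomU"},                 # management VM can access guest memory
    "dom0_device_driver": {"Dom0"},   # a driver bug compromises Dom0
    "dom0_admin": {"Dom0"},           # careless/malicious administration
}

# Hypothetical hardened layout: Dom0 can no longer access DomU memory.
REDUCED = {k: set(v) for k, v in ACTUAL.items()}
REDUCED["Dom0"].discard("DomU")

def report():
    actual, reduced = tcb_of("DomU", ACTUAL), tcb_of("DomU", REDUCED)
    return {"actual": sorted(actual), "reduced": sorted(reduced),
            "removed": sorted(actual - reduced)}

if __name__ == "__main__":
    for key, value in report().items():
        print(f"{key:8} {value}")
```

Removing the single Dom0-to-DomU edge also drops everything that could compromise Dom0 from the guest's TCB, which is why the memory-access path is the one worth cutting.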
Virtualization Security Requirements
• Scenario: A client uses the service of a cloud computing
company to build a remote VM
– A secure network interface
– A secure secondary storage
– A secure run-time environment
• Build, save, restore, destroy
Virtualization Security Requirements
• A secure run-time environment is the most fundamental
– The first two problems already have solutions:
• Network interface: Transport layer security (TLS)
• Secondary storage: Network file system (NFS)
– The security mechanisms in the first two rely on a secure run-time environment
• All the cryptographic algorithms and security protocols
reside in the run-time environment
Smaller TCB Solution
[Figure labels: Smaller TCB; Actual TCB]
Domain building
• Building process
Domain save/restore
Hypervisor Vulnerabilities
Malicious software can run on the same
server:
– Attack hypervisor
– Access/Obstruct other VMs
NoHype*
• NoHype removes the hypervisor
– There’s nothing to attack
– Complete systems solution
– Still retains the needs of a virtualized cloud
infrastructure
Roles of the Hypervisor
• Isolating/Emulating resources
– CPU: Scheduling virtual machines
– Memory: Managing memory
– I/O: Emulating I/O devices
• Networking
• Managing virtual machines
[Slide annotations beside the list, top to bottom: Push to HW / Pre-allocation; Remove; Push to side]
Removing the Hypervisor
• Scheduling virtual machines
– One VM per core
• Managing memory
– Pre-allocate memory with processor support
• Emulating I/O devices
– Direct access to virtualized devices
• Networking
– Utilize hardware Ethernet switches
• Managing virtual machines
– Decouple the management from operation
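A small model of the static partitioning that the list above describes, added here as an illustration and not taken from the NoHype paper or its code. The host size, VM names and request format are assumptions; the planner gives each VM its own cores and a fixed memory range, and a separate check confirms nothing is shared.

```python
# Added illustration of static, NoHype-style partitioning. Host size, VM names
# and the request format are assumptions made for this example.
from dataclasses import dataclass

@dataclass(frozen=True)
class Partition:
    vm: str
    cores: tuple      # cores owned exclusively by this VM
    mem_start: int    # first MiB of the pre-allocated range
    mem_end: int      # one past the last MiB

def plan(host_cores, host_mem_mib, requests):
    """Assign dedicated cores and a fixed memory range to each VM up front.

    requests is a list of (vm_name, n_cores, mem_mib). Nothing is shared or
    scheduled later, so a request that does not fit is rejected outright.
    """
    next_core, next_mib, out = 0, 0, []
    for vm, n_cores, mem_mib in requests:
        if n_cores < 1 or mem_mib < 1:
            raise ValueError(f"{vm}: needs at least one core and 1 MiB")
        if next_core + n_cores > host_cores:
            raise ValueError(f"{vm}: no free core, cores are never shared")
        if next_mib + mem_mib > host_mem_mib:
            raise ValueError(f"{vm}: memory cannot be overcommitted")
        cores = tuple(range(next_core, next_core + n_cores))
        out.append(Partition(vm, cores, next_mib, next_mib + mem_mib))
        next_core += n_cores
        next_mib += mem_mib
    return out

def isolated(partitions):
    """Independent check: no core and no memory range belongs to two VMs."""
    used_cores = [c for p in partitions for c in p.cores]
    if len(used_cores) != len(set(used_cores)):
        return False
    spans = sorted((p.mem_start, p.mem_end) for p in partitions)
    return all(a_end <= b_start
               for (_, a_end), (b_start, _) in zip(spans, spans[1:]))

if __name__ == "__main__":
    layout = plan(4, 8192, [("tenant-a", 1, 2048), ("tenant-b", 2, 4096)])
    for p in layout:
        print(p)
    print("isolated:", isolated(layout))
```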
References
[1] "cloud computing." Dictionary.com Unabridged. Random House, Inc. 27 Feb. 2012. <Dictionary.com http://dictionary.reference.com/browse/cloud computing>.
[2] “Cloud computing security.” Wikipedia, The Free Encyclopedia. Wikimedia Foundation, Inc. 20 Feb 2012. Web. 27 Feb 2012. <http://en.wikipedia.org/wiki/Cloud_computing_security>.
[3] “Cloud computing.” Wikipedia, The Free Encyclopedia. Wikimedia Foundation, Inc. 28 February 2012. Web. 27 Feb 2012. <http://en.wikipedia.org/wiki/Cloud_computing>.
[4] nanospeak. "Top Cloud Computing Companies List To Watch and Invest in 2012." Hub Pages. 10 Feb 2010: n. page. Web. 29 Feb. 2012. <http://nanospeck.hubpages.com/hub/Best-Cloud-Service-Providers>.
[5] https://www.fastmetrics.com/blog/tech/what-is-cloud-computing/
[6] https://computer.howstuffworks.com/cloud-computing/cloud-computing.htm
[7] https://www.ques10.com/p/30825/enlist-and-explain-various-service-model-and-deplo/
[8] https://en.wikipedia.org/wiki/Cloud_computing_architecture
• http://www.vmware.com/pdf/virtualization.pdf
• NoHype: Virtualized Cloud Infrastructure without the
Virtualization. E. Keller, J. Szefer, J. Rexford, R. Lee. ISCA
2010.
• Secure Virtual Machine Execution under an Untrusted
Management OS. C. Li, A. Raghunathan, N.K. Jha. IEEE
CLOUD, 2010.
• An Introduction to Virtualization and Cloud Technologies
to Support Grid Computing. I.M. Lorente. EGEE08.