Browse > Article
http://dx.doi.org/10.13089/JKIISC.2015.25.1.95

The security requirements suggestion based on cloud computing security threats for server virtualization system  

Ma, Seung-Young (Center for Information Security Technologies, Korea University)
Ju, Jung-Ho (Center for Information Security Technologies, Korea University)
Moon, Jong-Sub (Center for Information Security Technologies, Korea University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.25, no.1, 2015 , pp. 95-105 More about this Journal
Abstract
In this paper, we propose the security requirements for developing the security functions of server virtualization system. The security requirements are based on the security threats of server virtualization system, and we verified the validity by defending the security threats of server virtualization system. For inducting the security threats damaging server virtualization system from cloud computing security threats, we analyze and suggest the relations between security threats and security issue of server virtualization system.
Keywords
cloud computing; server virtualization; security requirements;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Jeong - Ho Lee, "VM ware journey towards cloud computing," Goodus Inc., 2011.
2 Inhyuk Kim, Taehyoung KIm, Junghan Kim, Byounghong Lim, and Young Ik Eom, "The trend of virtualization technology for system security," Korea Institute of Information Security & Cryptology, 19(2), pp. 26-34, April. 2009.
3 William Hau and Rudolph Araujo "Virtualization and risk, key security considerations for your enterprise architecture" McAfee Inc., 2007.
4 Evangelia Kalyvianaki, "Resource provisioning for virtualized server applications," UCAM-CL-TR-762, Computer Laboratory, University of cambridge, 2009.
5 "Security framework for cloud computing." Recommendation ITU-T X.1601, Jan. 2014.
6 Rafal Los and Alex Ginsburg, "The notorious nine cloud computing top threats in 2013," Cloud Security Alliance, 2013.
7 Louis Marinos, "Threat landscape 2013," ENISA, Dec. 2013.
8 Kyung Oh, "Cloud services and virtualization technology," Journal No.125, TTA, Oct. 2009.
9 Byung-Joo Moon, "Server virtualizati-on technology trends," Weekly Technical Trends 1302, NIPA, 2007.
10 Jong-sub Moon, "Security requirements for server virtualization system," TTAK.KO-10.0708, Dec. 2013.
11 Houlin Zhao, "Security in telecommunications and information technology," ITU-T, Dec. 2003.
12 "Information technology open systems management: log control function," ITU-T X.735, 1992.
13 "Information technology open systems management: security audit trail function," ITU-T X.740, 1992.
14 "Information technology open systems management: objects and attributes for access control," ITU-T X.741, 1995.
15 "Information technology open systems interconnection systems management: software management function," ITU-T X.744, 1996.
16 "Security architecture for open systems interconnection for CCITT applications," ITU-T X.800, 1991.
17 "Information technology open systems management: confident-iality framework," ITU-T X.814, 1995.
18 Karen Scarfone, Murugiah Souppaya, and Paul Hoffman, "Guide to security for full virtualization technologies," Special Publication 800-125, NIST, 2011.
19 Peter Mell and Timothy Grance, "The NIST definition of cloud computing," Special Publication 800-145, NIST, 2011.
20 Patrick D. Gallagher, "Guide for Conducting Risk Assessments," Special Publication 800-30, NIST, 2012.
21 "NIST Cloud Computing Security Reference Architecture," Special Publication 500-299, NIST, 2011.
22 Agnostic Virtualization Comparison, http://www.virtualizationmatrix.com/matrix.php?category_search=all&free_based=1