Virtualization and Cloud Computing in the CISSP
What Is Virtualization?
Virtualization refers to hosting one or more virtual (rather than physical) guest operating systems, servers, network resources, or storage devices on a single host machine. The host computer can run different operating systems, such as Windows and Linux, simultaneously.
A guest system is the virtual guest, such as a guest operating system, that runs within the memory of the host machine.
CISSP Exam Tip: Some cloud experts also refer to the “host and guest” as the “parent and child.”
A virtual machine (VM), also known as the guest, is a self-contained operating system or software program that behaves like a virtual computer and performs tasks as a separate machine would. A VM is installed on a host computer, which provides its virtual hardware, including hard drive, memory, network interfaces, and other components.
Without VMs, a single operating system owns all of the hardware resources. With VMs, multiple OSs share the host’s hardware resources.
In virtualization technology, a hypervisor or virtual machine monitor (VMM) performs hardware virtualization, allowing multiple guest operating systems (OSs) to run on a single host computer simultaneously.
Why Do Enterprises Use Virtualization?
Many enterprises deploy virtualization to benefit from significant cost savings and flexibility.
- Cost savings on software and hardware are one of the substantial benefits of virtualization. For example, a single large physical server can host several small virtual servers. In this way, an enterprise spends on one large server instead of purchasing applications, operating systems, and hardware for many separate servers. Likewise, a single physical network can be virtualized into several virtual networks.
- Energy consumption is also much lower because only a few physical devices are deployed instead of many. Furthermore, maintaining the security of a single platform is easier and more cost-effective than maintaining many platforms.
- The configuration of a virtual machine is more flexible than that of a physical one.
- Errors inside a VM cannot affect its host system, so the operating system of the host machine does not break down.
- Relocating a VM from one site to another is easy; therefore, VMs are helpful for disaster recovery.
What Are Primary Security Concerns of Using Virtualization in Enterprises?
Enterprises experience various security issues, including:
Trojaned Virtual Appliances/Machines
The term malicious or Trojaned virtual appliance refers to an infected, “pre-packaged” software package that lures users into downloading and running it as a virtual machine. It is a serious security concern for both private and public cloud environments. Trojaned virtual appliances help attackers intrude into the cloud environment and find vulnerabilities to exploit. These attacks can be prevented by taking proactive measures, including:
- Using only tested and verified appliances
- Ensuring that cloud providers properly configure the hypervisor and the network
- Installing up-to-date security defenses (firewall, anti-virus, or anti-malware)
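As an added example (not from the original article), one concrete form of the first measure: an OVF appliance bundle ships a manifest (`.mf`) that lists a digest for every file, and recomputing those digests before import catches a disk image that was altered or swapped. The file names and contents below are constructed for the demonstration.

```python
import hashlib
import hmac
import re
import tempfile
from pathlib import Path

# OVF manifest (.mf) lines look like: SHA256(appliance-disk1.vmdk)= <hex digest>
MANIFEST_LINE = re.compile(
    r"^(?P<algo>SHA1|SHA256|SHA512)\((?P<name>[^)]+)\)\s*=\s*(?P<digest>[0-9a-fA-F]+)\s*$")

def parse_manifest(text):
    """Map each file named in the manifest to (hash algorithm, expected hex digest)."""
    entries = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        m = MANIFEST_LINE.match(line)
        if not m:
            raise ValueError(f"malformed manifest line: {line!r}")
        entries[m["name"]] = (m["algo"].lower(), m["digest"].lower())
    return entries

def verify_appliance(appliance_dir, manifest_name="appliance.mf"):
    """Return {file: 'ok' | 'tampered' | 'missing'} for every file the manifest lists."""
    base = Path(appliance_dir)
    results = {}
    for name, (algo, expected) in parse_manifest((base / manifest_name).read_text()).items():
        path = base / name
        if not path.is_file():
            results[name] = "missing"
            continue
        h = hashlib.new(algo)
        with path.open("rb") as f:
            for chunk in iter(lambda: f.read(1 << 20), b""):  # stream large disk images
                h.update(chunk)
        results[name] = "ok" if hmac.compare_digest(h.hexdigest(), expected) else "tampered"
    return results

def demo():
    """Constructed appliance: verify it intact, then after its disk image is altered."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp)
        files = {"appliance.ovf": b"<Envelope/>", "appliance-disk1.vmdk": b"KDMV" + b"\x00" * 64}
        for name, data in files.items():
            (base / name).write_bytes(data)
        manifest = "".join(f"SHA256({n})= {hashlib.sha256(d).hexdigest()}\n" for n, d in files.items())
        (base / "appliance.mf").write_text(manifest)
        intact = verify_appliance(base)
        (base / "appliance-disk1.vmdk").write_bytes(b"KDMV" + b"\x01" * 64)  # simulate tampering
        (base / "appliance.ovf").unlink()  # simulate a file stripped from the bundle
        altered = verify_appliance(base)
    return intact, altered
```

The manifest is only as trustworthy as the signature or channel it arrived through; a bundle that carries a `.cert` signing the manifest should have that signature checked first.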
Misconfiguration of Virtual Networking
Usually a dedicated networking team, rather than the many host administrators, configures network equipment and understands the complexities and security repercussions of network connections, routing, tagging, VLANs, etc. If these network devices are improperly configured, traffic for one virtual machine can be delivered to other virtual machines, creating unseen vulnerabilities.
A properly configured hypervisor can prevent unauthorized access from compromising the cloud environment. Conversely, unrestricted access from an untrusted network poses a grave risk to the cloud architecture.
Many attackers target the hypervisor-controlled resources shared between guests, or between the host and its guests. Therefore, there must be predefined access rules and restrictions, or another security control mechanism, on the hypervisor to mitigate these threats.
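As an added example (not from the original article), a small audit of the misconfigurations described above, run over a constructed virtual-switch inventory: a VLAN shared by port groups from different trust zones, a port group that accepts promiscuous mode, and a port group set to VLAN 4095 (which on vSphere standard switches passes every tagged VLAN to the guest). The inventory layout and field names are assumptions, not any vendor’s API.

```python
# Constructed inventory: a virtual switch's port groups and the VMs attached to them.
PORT_GROUPS = {
    "pg-web":   {"vlan": 100,  "promiscuous": False, "zone": "dmz"},
    "pg-db":    {"vlan": 100,  "promiscuous": False, "zone": "internal"},    # VLAN reused across zones
    "pg-mgmt":  {"vlan": 10,   "promiscuous": True,  "zone": "management"},  # guests may sniff the segment
    "pg-trunk": {"vlan": 4095, "promiscuous": False, "zone": "internal"},    # 4095 = all VLANs (VGT)
    "pg-app":   {"vlan": 200,  "promiscuous": False, "zone": "internal"},    # clean
}
VMS = {"web01": "pg-web", "db01": "pg-db", "jump01": "pg-mgmt", "ids01": "pg-trunk", "app01": "pg-app"}

def audit_virtual_network(port_groups, vms):
    """Return sorted (vm, finding) pairs for attachments that can deliver one VM's
    traffic to another or let a guest observe frames it should not see."""
    zones_on_vlan = {}
    for cfg in port_groups.values():
        zones_on_vlan.setdefault(cfg["vlan"], set()).add(cfg["zone"])
    findings = []
    for vm, pg in vms.items():
        cfg = port_groups[pg]
        vlan = cfg["vlan"]
        if cfg["promiscuous"]:
            findings.append((vm, f"{pg}: promiscuous mode lets the guest read every frame on VLAN {vlan}"))
        if vlan == 4095:
            findings.append((vm, f"{pg}: VLAN 4095 passes all tagged VLANs to the guest"))
        elif len(zones_on_vlan[vlan]) > 1:
            others = sorted(zones_on_vlan[vlan] - {cfg["zone"]})
            findings.append((vm, f"{pg}: VLAN {vlan} is shared with zone(s) {', '.join(others)}"))
    return sorted(findings)

if __name__ == "__main__":
    for vm, finding in audit_virtual_network(PORT_GROUPS, VMS):
        print(f"{vm}: {finding}")
```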
Loss of Visibility
Murugiah Souppaya, a senior computer scientist at NIST, has said that some security issues stem from the loss of visibility into the guest operating systems’ workloads and network traffic across the virtualized environment. Managing innumerable virtual instances can also be a great challenge.
What Is Cloud Computing?
Cloud computing is a form of Internet-based computing in which a large number of computers are connected over public and private networks to provide a scalable infrastructure for file storage, applications, and data.
What Are the Main Benefits of Cloud Computing?
Cloud computing offers significant advantages, such as:
Reduced Cost—Cloud computing eliminates the high expense of purchasing hardware and software, establishing on-site data centers, and paying for power and cooling.
Speed—Cloud computing delivers many on-demand services within minutes or a few mouse clicks.
Global Scale—Cloud providers deliver IT resources over large distances by offering ample storage, bandwidth, and computing power from their massive infrastructure. Management of that data storage is also very effective.
Reliability—In cloud computing, disaster recovery and data backup are easy and less expensive.
Cloud Computing Service Models
Cloud computing services fall into three categories:
Software as a Service (SaaS): This model delivers software applications over the internet. The cloud provider not only supplies these applications but also handles their maintenance, such as security patching and upgrades.
Platform as a Service (PaaS): With PaaS, cloud providers offer an on-demand development environment that can be used to develop and test software applications. Software developers use PaaS to build mobile or web applications.
Infrastructure as a Service (IaaS): This model provides IT infrastructure for rent. The infrastructure includes servers, virtual machines, operating systems, storage, networking, etc.
What Are Primary Security Concerns of Using Cloud Computing in Enterprises?
Recently, the Cloud Security Spotlight Report indicated that “90% of enterprises are very concerned about public cloud security.” Some of the security concerns for cloud computing include:
Data Breaches—According to the Ponemon Institute study Man in Cloud Attack, “over 50% of IT professionals believed that their enterprises’ security measures to protect and secure data on the cloud are very low. The study concluded that data breaches are frequent in organizations’ cloud environments.”
Hijacking of Accounts—Accounts have been hijacked through phishing and many other malicious attacks to access sensitive information on the cloud. In 2010, Amazon encountered a cross-site scripting bug aimed at customers’ credentials.
Malware Injection—Attackers inject malicious scripts into cloud services that act as SaaS to the cloud servers. Once the malware is injected, the intruder can compromise the integrity of sensitive data on the cloud. According to the East Carolina University report, “malware injection is a major security issue in cloud architecture.”
Data Loss—Data can be lost through a cyber-attack, a natural disaster, or a wipe by the service provider. For example, Amazon permanently lost some of its customers’ data in 2011.
Distributed computing is a model in which multiple computers work on a single problem that is divided into many parts. For instance, a word processing application might run its spell-checker on one computer, a thesaurus on a second computer, and an editor on a third, and all of these computers might run different operating systems.
In computing, security considerations are significant for both the host/terminal model and the client-server model. In the host/terminal model, security issues must be addressed for every physically distributed system rather than just a single centralized host.
Since resources are distributed among multiple servers and clients on a network, every computer must be properly protected and secured. The network connections between servers and clients must also be protected.
Organizations that use distributed computing must ensure that users’ machines are not compromised, because these machines access network servers and other distributed resources. Therefore, protecting these machines is paramount.
Another security concern in distributed architectures is the use of communication equipment. For instance, a modem attached to both a desktop computer and the organization’s distributed network can pose a grave risk to the whole network. If the user of that desktop machine downloads freely patched software or other malicious applications from the internet, the computer would indeed be compromised.
Distributed computing requires standards that specify how objects communicate with one another. These standards are described below.
The Distributed Computing Environment (DCE) is a suite of technology services used to create distributed applications. DCE services include:
- Distributed File Service
- Directory Service
- Threads Service
- Time Service
- Security Service
- Remote Procedure Calls (RPC)
The Common Object Request Broker Architecture (CORBA) provides an environment in which many programs, known as objects, can communicate with one another regardless of the operating system they run on or the programming language in which they are written.
The Distributed Component Object Model (DCOM) is an extension of the Component Object Model (COM). DCOM uses RPC mechanisms to send and receive data between COM components, such as a client and a server, on the same network.
CISSP Boot Camp
Are you aspiring to CISSP certification? The InfoSec Institute offers a CISSP Boot Camp course for candidates who want to pass the CISSP exam with top scores. The institute has the highest pass rate (93%) in the industry. Moreover, InfoSec has been one of the most awarded (42 industry awards) and trusted information security training vendors for 17 years.
InfoSec also provides thousands of articles on various security topics.