
A Multilayer Access Control System For Logic Virtual Domain

Posted on: 2012-05-20
Degree: Master
Type: Thesis
Country: China
Candidate: S L Wang
Full Text: PDF
GTID: 2218330362456575
Subject: Information security

Abstract/Summary:
At present, cloud computing has become a hot research focus in information technology. Moreover, virtualization technology, which partitions high-performance computing resources into virtual machines and shields the differences between hardware architectures, can effectively promote the development of cloud computing. A logic virtual domain (LVD), designed to meet the resource and collaborative processing needs of a distributed application, is a dynamic union of multiple virtual machines running on different virtualized service nodes in a cloud environment; it thus offers an efficient and flexible execution environment in which upper-layer software can configure resources.

However, an IT architecture made up of a large number of LVDs involves extremely complicated configuration and management tasks, and leads to incorrect information flow and unreasonable resource sharing among virtual machines. Meanwhile, placing different customers' workloads on the same physical machine may result in many vulnerabilities, such as denial-of-service attacks and leakage of sensitive data. Furthermore, relying on the security mechanisms of mainstream virtual machine monitors cannot solve the cross-platform domain isolation and resource sharing issues.

To solve the problems above, a multilayer access control system for logic virtual domains, named CloudAC, is designed and implemented; it aims to provide isolation control, reasonable information flow control, and resource sharing among virtual machines on Xen virtualization platforms. The CloudAC prototype supports up to four access control types across all three layers of logic virtual domains: a Chinese wall policy is enforced at the inter-LVD layer; the intra-LVD layer policies comprise a multilevel security policy and discretionary access control; and at the virtualized service node layer a simple type enforcement policy is enforced and resource priority control is also handled.

In addition, security policies are enforced at the virtual bridge in Dom0, transparently to the virtual machines, in order to improve the efficiency of policy loading and reduce the number of secure channels among nodes. A trusted platform module is also adopted to prove whether a platform is trusted, so as to provide a trust guarantee to the cloud client when logic virtual domains are built. The test results of the CloudAC prototype indicate that it is able to effectively control information flows among virtual machines and realizes its functions well; the overhead of inter-domain policy enforcement amounts to only 6% of the LVD start-up time under 100Mbps Ethernet bandwidth, while loading each of the two intra-domain policies adds on the order of three seconds of execution time.
Keywords/Search Tags: Logic Virtual Domain, Virtualization, Access Control, Security Policy, Cloud Computing, Information Flow