Research On Several Problems Of Virtual Machine Security In Cloud Computing Platform

The security of virtual machines(VMs)guarantees security to the service capability of cloud computing platforms.With the rapid development of cloud computing platform technology,an increasing number of enterprises has started to use VMs to provide and deploy services in the cloud computing platform.The security of VMs could directly influence cloud computing platform application services.However,the cloud computing platform provides a more open network environment,and the environment of the cloud computing platform is dynamic and uncertain.These features usually affect the security and performance of VMs in the cloud computing platform.Therefore,it is necessary to design a method to improve the security of VMs,combining the characteristics of the cloud computing platform system and the dynamic environment of the cloud computing platform.To improve the security of VMs in cloud computing platforms,fault tolerance method based on workload consolidation model of VM was studied according to domestic and foreign literatures.From the aspects of VM security access and state prediction,Constraint-based Model for VM Access Control and the security state prediction method of VM was studied.Based on the analysis of the existing results,task scheduling algorithm based on VM availability awareness was completed from the aspect of improving the application performance in the VM system of the cloud computing platform.The main research contents and conclusions are summarized as follows:(1)VM workloads are dynamic and uncertain,and thus,they affect the reliability and task processing capability of entire cloud computing platforms.In this study,a fault tolerance method based on the VM workload consolidation model was proposed to solve problems concerning the reliability and task processing capability of cloud computing platforms caused by VM workloads,thus improving the reliability of VMs and overall performance of cloud computing platforms.First,the method analyzed the distinct relationship of VM workload and VM reliability and task processing capability,and proved that the VM workload consolidation could improve VM reliability and task completion rate.Then,the workload state of VM was predicted and analyzed by linear regression using VM workload monitoring data,and fault tolerance algorithm of the VM workload consolidation was constructed based on expected workload constraint and optimization of fault tolerance time.Finally,the fault tolerance method based on the VM workload consolidation model was compared with the Radom method and the Max method.The experiment results show that the workload consolidation of VMs can increase the reliability and task processing capability of VMs.(2)Given that the cloud computing platform environment is dynamically variable,static VM access operational authorization is different from the dynamic cloud computing platform environment in state determination.This difference affects the safety and performance of VMs in the entire cloud computing platform.A constraint-based VM access control model was proposed in this study to evaluate the influence of dynamic environmental change in a cloud computing platform on VM access control operation.The state information of the dynamic cloud computing platform was considered a constraint evaluation function.The model realized organic integration of static Bell–LaPadula model safety level and dynamic cloud computing platform environmental information.A safety policy of VM access control operation was established,and the capability of the constraint-based access control model improving the safety of VMs was verified.Then,a model implementation framework and the main functions in combination with the proposed model were realized.Finnally,the effectiveness and performance of the constraint-based VM access control model were evaluated.The research results demonstrate that a constraint-based VM access control model in the cloud computing platform can adapt to the complex dynamic cloud computing platform environment and improve the security of VMs in the cloud computing platform.(3)Due to the dynamic and uncertain nature of the cloud computing platform environment,the performance of learning and predicting of cloud computing platform security state will be affected.Therefore,learning and predicting method of security state of cloud computing platform based on improved hidden Markov model was proposed in this paper.This method combined the internal security state and observable state of the cloud computing platform to construct the cloud computing platform security state transition model,and established a linear regression AdaBoost learning and predicting algorithm for the observation state of cloud computing platform.Then,based on the observable state learning and predicting results,the hidden Markov model was used to learn and predict the security state of the cloud computing platform,and calculated the probability trend of the internal security state of the cloud computing platform in the future.Finally,the paper made a comparison between the proposing learning and predicting method of security state of cloud computing platform and the hidden Markov model method,and tested the effectiveness and performance.The research results show that the cloud computing platform security state learning prediction method can predict the security state of the cloud computing platform in a timely and accurate manner.(4)The dynamic change of VM availability constitute difficulties for task scheduling,and quality requirements of task services cannot be satisfied and thus seriously affect the task scheduling capacity of the cloud computing platform.A task scheduling algorithm based on VM availability awareness was proposed to solve the unmatching problem between VM availability and quality of service(QoS)to improve task scheduling capacity of VMs.This algorithm combined available task processing capacities of VMs and task requirement features to establish a differential entropy model between VM availability and task availability requirement.Then,task availability matching and scheduling was realized through the principle of maximum entropy,and task scheduling was optimized from the aspect of balance of server workloads.Finally,a comparative verification between the task scheduling algorithm and Random and Minmin algorithms was implemented.This study concludes that the VM availability awareness method satisfies the task requirements and improves task processing performance of the VM in the cloud computing platform.