Research Of Virtualization Security Issues In Cloud Computing

As a new computing mode, cloud computing provides users with a variety of services in a openmode, but the mode has some security risks. Virtual machine system is the core of cloud computing,so its security is the key to cloud environment. The paper studies the security of virtualization toimprove VM own security from two aspects: improving VM key security with enhancingrandomness of the random in VM entropy pool, and reducing the probability of VM under attackwith shortening the time of VM migration.Aiming at the security problems of the data of the VM, the paper presents a random numbergeneration method, basing on virtual machines and virtual machine network access, to generatehigh-random random sequence. Firstly, we combine the VM network environment with user accessbehavior of the VM to construct an environment access to random. Basing on this randomenvironment, we propose a new random number generation algorithm, which takes advantage of theunpredictability of the virtual machine network and non-simulated of user access, then uses virtualmachine’s powerful capacity of processing massive data to combine and screen random information,finally results random sequence with randomness. In the paper, we tested the uniformity,independence and cryptographically of the generated random sequence, experimental results showthat this algorithm meets the needs of security.In addition, the paper presents an algorithm, the VM fast memory pre-copy live migration, itcombines page replacement with pre-copy algorithm. According to the ideology: with the recentpast as the approximate of near future in LRU algorithm, the paper uses the modification frequencyof memory pages over time to determine the modification frequency future, and introduces mark-bitqueue to save the changes recorded of memory pages. In iterative process, dirty memory pages,judged as frequent changes, will be skipped, until the modification frequency drops to the thresholdor be output until the final round of iteration. In the paper, we tested the number of iterations, thetotal migration time, downtime and total amount of data transmission in the migration process.From the experimental results we can see, fast memory pre-copy algorithm proposed in the paper,reaches the purpose of reducing the probability of a VM under attack.