Design And Implementation Of Virtual Machine Security Detection System Based On OpenStack-KVM Architecture

At present,the cloud computing technology,which takes virtualization as the core technology,represents the trend of the development of the current information network.More and more government institutions and enterprises have begun to use cloud computing technology or services to build information systems and application platforms.Virtualization technology improves the utilization ratio of cloud computing hardware resources.Although users can get all kinds of resources support through virtual machines,there are new security risks.This risks are difficult to control,causing potential users to worry about cloud computing,which seriously affects the promotion of cloud computing applications.In the paper "information security technology and cloud computing service security requirements",the security capability of the virtual machine is an important part of the security capability of cloud computing.Its security effectiveness in memory,storage,and operation needs to be evaluated through professional testing.This thesis focuses on the theme of virtual machine security detection,designs and implements a distributed detection system based on the widely used OpenStack-KVM cloud platform architecture.The system studies the security testing method of virtual machine from three aspects: encryption and isolation of virtual machine memory,storage encryption and isolation,fault isolation.The system provides an auxiliary means for the security detection of the virtual machine.The main contents are as follows:1.The thesis analyzes the composition of OpenStack-KVM cloud platform architecture and the running mechanism between components,and puts forward the requirements of virtual machine security detection.Based on the research of the realization principle of virtualization technology,combined with the characteristics of OpenStack cloud platform and the existing methods of virtual resource encryption and isolation,a virtual machine security detection scheme is proposed.From the five aspects of virtual machine memory encryption detection,memory isolation detection,storage encryption detection,storage isolation detection and fault isolation detection,the technology route of implementing virtual machine security detection is expounded.2.On the basis of these studies,combined with the characteristics of OpenStack-KVM architecture cloud platform,we design and implement a virtualmachine security detection system based on OpenStack-KVM architecture by using Master-slave structure.The system realization process of this thesis is divided into two parts,which are Web console and Backend.Restful technology is used for distributed communication between various parts.Web console provides a simple Web operation interface that is responsible for interacting with the user.Through it,the management of the system user,the node to be measured,the detection task,the detection report and so on can be realized.Backend is the actual executor of the detection task,is responsible for detecting the execution of the script and feedback the results to the Web console.Backend includes five modules,and the coupling between each module is low.It can independently realize the corresponding function of the design of the above detection scheme.3.The functional verification of the virtual machine security detection system based on OpenStack-KVM architecture is carried out in this thesis.It is proved by the test that the testing system designed in this thesis has good reliability and basically meets the design requirements.