| As one of the core technologies of cloud computing,virtualization technology has many advantages,such as efficient integration of server resources,improving resource utilization,reducing hardware costs and management costs,etc.It has promoted the rapid development and application of cloud computing technology,and has been deeply integrated with government governance,social production and people's lives.Virtualization is essentially the abstraction and sharing of physical resources,cause new security risks while making convenient.China has established a network security review system and issued relevant security standards,in which virtualization security is an important component of cloud computing security.The resource sharing and complex application logic supported by virtualization technology make virtualization security evaluation technology face enormous challenges and become one of the important issues to be solved urgently.Focusing on the subject of security testing of virtualization technology,this master thesis studies security testing technology from memory,network,storage and other aspects of the oVirt-KVM cloud computing platform,designs a set of virtualization security testing methods,and develops the corresponding testing system.The testing system can provide security testing methods for cloud computing virtualization from three aspects: virtual memory isolation,virtual network isolation and virtual storage isolation.The main contents of the design and implementation are as follows:1.Analyze the design principle and operation mechanism of KVM virtualization technology and oVirt cloud platform architecture,analyze the security risks,study the security requirements of virtualization,and propose a virtual security testing scheme for oVirt-KVM cloud computing architecture.The scheme consists of three parts: virtual memory isolation detection,virtual network isolation detection and virtual storage isolation detection.2.On the basis of the above research,the testing system is designed.The testing system consists of core test service,test management function and system software framework.The architecture includes service layer,analysis layer,data layer,execution layer and management center.The system consists of portal service module,system communication service module,test task management module,core test service module and test data management module.The software structure includes web subsystem,exchange subsystem and testing subsystem.The system development adopts Python language and Flask framework,and has REST style.3.functional verification of the implementation of the virtualized security testing system.The test scenario and test case are constructed to confirm the effectiveness of each functional module of the testing system.Experiments show that the virtual security testing system based on oVirt-KVM designed in this master thesis achieves the research objectives,and the running results basically meet the design requirements. |
PDF Full Text Request