CyberGuarder: a virtualization security assurance architecture for green cloud computing

Cloud Computing, Green Computing, Virtualization, Virtual Security Appliance, Security Isolation

Determining Enclosure Breach Electromagnetically

A structure breach may be determined. A sensor, provided in the structure, may be driven with a constant frequency signal. The sensor may comprise a first conductive element and a second conductive element. The first conductive element may be substantially parallel with the second conductive element. A standing wave pattern may be induced on the sensor by the constant frequency signal reflecting off a termination point of the sensor. A least one characteristic of the sensor caused by the voltage standing wave pattern may be measured. A breach occurrence in the structure may be determined when the measured at least one characteristic varies from a previously determined value by a predetermined amount. The first conductive element and the second conductive element may be sandwiched between two layers comprising the structure. The structure may comprise a shipping container floor. The detected breach may comprise an opening greater than nine square inches.Georgia Tech Research Corporatio

Using a virtual machine to protect sensitive Grid resources

Most Grid systems rely on their operating systems (OSs) to protect their sensitive files and networks. Unfortunately, modern OSs are very complex and it is difficult to completely avoid intrusions. Once intruders compromise the OS and gain system privilege, they can easily disable or bypass the OS security protections. This paper proposes a secure virtual Grid system, SVGrid, to protect sensitive system resources. SVGrid works by isolating Grid applications in Grid virtual machines. The Grid virtual machines' filesystem and network services are moved into a dedicated monitor virtual machine. All file and network accesses are forced to go through this monitor virtual machine, where SVGrid checks request parameters and only accepts the requests that comply with security rules. Because SVGrid enforces security policy in the isolated monitor virtual machine, it can continue to protect sensitive files and networks even if a Grid virtual machine is compromised. We tested SVGrid against attacks on Grid virtual machines. SVGrid was able to prevent all of them from accessing files and networks maliciously. We also evaluated the performance of SVGrid and found that performance cost was reasonable considering the security benefits of SVGrid. Furthermore, the experimental results show that the virtual remote procedure call mechanism proposed in this paper significantly improves system performance. Copyright © 2006 John Wiley & Sons, Ltd.Peer Reviewedhttp://deepblue.lib.umich.edu/bitstream/2027.42/56163/1/1134_ftp.pd