Virtual machines In Education

Abstract To provide education and particularly providing practical educational experiences to the students in the field of computing and information technology related courses including practical experience in the field of Networking, System Administration, and Operating Systems needs a lot of resources for the institution. Because this level of technical education can’t be provided only theoretically, students also need hands-on practical experience, and providing practical experience faces a lot of problems such as lack of funding and physical space, risks and threats to the network environment when we attempt to provide real, physical laboratory for experiments. This problem can be solved by developing a virtual environment for delivering students practical education. In this report we will look into different technologies used for virtualization today and do a comparative study. We will also explore some of the institutions, which are using virtual machines based environment to provide students practical experience in the field of computing and information Technology. And see how peoples are getting benefits from using virtual machines. We present how networks of virtual machines can be beneficiary for computing and information technology student and institutions by providing necessary environment in virtual network

The Design of Convoluted Kernel Architectural Framework for Trusted Systems – CKA

This paper presents the overview of the Convoluted Kernel Architectural framework and a comparative study with the traditional Linux kernel. The architecture is specially designed for trusted sever environment. It has an integrated layer of a customized Unified Threat Management (UTM) and Stealth-Obfuscation OK Authentication algorithm, which is a highly improved and novel zero knowledge authentication algorithm, for secure web gateway to the kernel mode. The framework used is a combined monolithic and microkernel based (hybrid) architecture code-named – the integrated approach, to trade in the benefits of both designs. The architecture serves as the base framework for the Trust Resilient Enhanced Network Defense Operating System (TREND-OS) currently being experimented in the lab. The aim is to develop an architecture that can protect the kernel against itself and applications

A Federated Architecture for Heuristics Packet Filtering in Cloud Networks

The rapid expansion in networking has provided tremendous opportunities to access an unparalleled amount of information. Everyone connects to a network to gain access and to share this information. However when someone connects to a public network, his private network and information becomes vulnerable to hackers and all kinds of security threats. Today, all networks needs to be secured, and one of the best security policies is firewall implementation. Firewalls can be hardware or cloud based. Hardware based firewalls offer the advantage of faster response time, whereas cloud based firewalls are more flexible. In reality the best form of firewall protection is the combination of both hardware and cloud firewall. In this thesis, we implemented and configured a federated architecture using both firewalls, the Cisco ASA 5510 and Vyatta VC6.6 Cloud Based Firewall. Performance evaluation of both firewalls were conducted and analyzed based on two scenarios; spike and endurance test. Throughputs were also compared, along with some mathematical calculations using statistics. Different forms of packets were sent using a specialized tool designed for load testing known as JMeter. After collecting the results and analyzing it thoroughly, this thesis is concluded by presenting a heuristics method on how packet filtering would fall back to the cloud based firewall when the hardware based firewall becomes stressed and over loaded, thus allowing efficient packet flow and optimized performance. The result of this thesis can be used by Information Security Analyst, students, organizations and IT experts to have an idea on how to implement a secured network architecture to protect digital information

Open-TEE - An Open Virtual Trusted Execution Environment

Hardware-based Trusted Execution Environments (TEEs) are widely deployed in mobile devices. Yet their use has been limited primarily to applications developed by the device vendors. Recent standardization of TEE interfaces by GlobalPlatform (GP) promises to partially address this problem by enabling GP-compliant trusted applications to run on TEEs from different vendors. Nevertheless ordinary developers wishing to develop trusted applications face significant challenges. Access to hardware TEE interfaces are difficult to obtain without support from vendors. Tools and software needed to develop and debug trusted applications may be expensive or non-existent. In this paper, we describe Open-TEE, a virtual, hardware-independent TEE implemented in software. Open-TEE conforms to GP specifications. It allows developers to develop and debug trusted applications with the same tools they use for developing software in general. Once a trusted application is fully debugged, it can be compiled for any actual hardware TEE. Through performance measurements and a user study we demonstrate that Open-TEE is efficient and easy to use. We have made Open- TEE freely available as open source.Comment: Author's version of article to appear in 14th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2015, Helsinki, Finland, August 20-22, 201

Executing distributed applications on virtualized infrastructures specified with the VXDL language and managed by the HIPerNET framework

International audienceWith the convergence of computing and communication, and the expansion of cloud computing, new models and tools are needed to allow users to define, create, and exploit on-demand virtual infras- tructures within wide area distributed environments. Optimally design- ing customized virtual execution-infrastructure and executing them on a physical substrate remains a complex problem. This paper presents the VXDL language, a language for specifying and describing virtual infras- tructures and the HIPerNET framework to manage them. Based on the example of a specific biomedical application and workflow engine, this paper illustrates how VXDL enables to specify different customized vir- tual infrastructures and the HIPerNET framework to execute them on a distributed substrate. The paper presents experiments of the deploy- ment and execution of this application on different virtual infrastructures managed by our HIPerNet system. All the experiments are performed on the Grid'5000 testbed substrate