Towards multi-layer autonomic isolation of cloud computing and networking resources

International audienceThis paper describes a flexible approach to manage autonomically cloud resource isolation between different layers of an IaaS infrastructure, reconciling computing and network views. The corresponding framework overcomes fragmentation of security components and automates their administration by orchestrating different autonomic loops, vertically (between layers) and horizontally (between view

RetroVisor : nested virtualization for multi IaaS VM availability

International audienceNested virtualization provides an extra layer of virtualization to enhance security with fairly reasonable performance impact. Usercentric vision of cloud computing gives a high-level of control on the whole infrastructure, such as untrusted dom0. This paper introduces RetroVisor, a security architecture to seamlesslyrun a virtual machine (VM) on multiple hypervisors simultaneously. We argue that this approach delivers high-availability and provides strong guarantees on multi IaaS infrastructures. The user can perform detection and remediation against potential hypervisors weaknesses, unexpected behaviors and exploits