Risk analysis of the use of virtualization and containerization technologies in cloud services
DOI: 10.31673/2412-9070.2019.051926
DOI:
https://doi.org/10.31673/2412-9070.2019.051926Abstract
The article considers the problem of the consequences of the use of virtualization and containerization technologies in cloud services. The use of virtualized IT infrastructure brings a lot of advantages to the business, namely: it allows to reduce costs, simplify the operation of servers and client devices. However, at the same time, new threats to the security of data and networks arise, information risks increase and conditions are created for the compromise of virtual machines. Therefore, the decision to ensure the protection of virtualized IT infrastructures has ceased to be exclusively technical, now they include organizational measures and provide practical measures to eliminate problem situations. The reason for the increase in information risks lies in the very nature of virtualization. The reason is that the virtual infrastructure differs from the physical in two elements: the hypervisor and the hypervisor management tool. The hypervisor and its management tool are critical elements in a virtual IT infrastructure. They pose a threat to the virtualization of IT infrastructure. The features of these threats during the implementation of virtualization and containerization in cloud services are described. It has been shown that the greatest danger to virtualized IT infrastructures lies in the fact that weaknesses in virtualization solutions allow an attacker to use the malicious code to influence the hypervisor of the host operating system; therefore, conditions are created to affect guest systems. If an attacker gains full control over the hypervisor, all connected sections of the network, mass storage systems, and all virtual machines will become available to him. The most probable threats to virtualized IT infrastructures are considered, namely: the threat of uncontrolled manipulation of virtual machines; threat to the consolidation of virtual machines; virtualization platform vulnerability threat. Organizational measures are proposed to ensure the protection of virtualized IT infrastructures by strengthening the hypervisor and developing a network concept. The tools for protecting virtualized IT infrastructures are considered.
Keywords: virtualization; containerization; threat; vulnerability; IT infrastructure.
References
1. Технологии виртуализации и защищенность информационных систем [Електронний ресурс]. URL: http://lib.itsec.ru/articles2/Oborandteh/tehnologii-virtualizacii-i-zaschischennostjinformacionnyh-sistem / (Дата перегляду 30 грудень 2019)
2. Рынок виртуализации: новые возможности и новые риски [Електронний ресурс]. URL: https://www.itweek.ru/security/article/ detail.php?ID=164047/(Дата перегляду 30 грудень 2019)
3. Даник Ю. Г., Катков Ю. І., Пічугін М. Ф. Національна безпека: запобігання критичним ситуаціям: монографія. Житомир: Рута, 2006. 386 с.
4. Вишнівський В. В., Катков Ю. І., Сєрих С. О. Роль і місце інформаційної інфраструктури під час виникнення явища критичності організаційної системи // Зв’язок. 2017. №5. С. 51–56.
5. Виртуальные серверы — реальные риски [Електронний ресурс]. URL: https://www.osp.ru/lan/2010/09/13004325/ (Дата перегляду 30 грудень 2019)
6. Безопасность виртуализации. Ч. 1 [Електронний ресурс]. URL: https://habr.com/ru/post/243845/ (Дата перегляду 30 грудень 2019)
