Privacy-preserving virtual machine checkpointing mechanism.
International journal of cloud computing(2014)
摘要
Virtual machines (VMs) have been widely adopted in cloud platforms to improve server consolidation and reduce operating costs. VM checkpointing is used to capture a persistent snapshot of a running VM and to later restore the VM to a previous state. Although VM checkpointing eases system administration, such as in recovering from a VM crash or undoing a previous VM activity, it can also increase the risk of exposing users’ confidential data. This is because the checkpoint may store a VM’s physical memory pages and disk contents that contain confidential data such as clear text passwords and credit card numbers. This paper presents the design and implementation of SPARC, a Security and Privacy AwaRe virtual machine Checkpointing mechanism. SPARC enables users to selectively exclude users’ confidential data within a VM from being checkpointed. We describe the design challenges in effectively tracking and excluding process-specific memory and disk contents from the checkpoint file for a VM running on the commodity Linux operating system. We also present techniques to track process dependencies due to inter-process communication and to account for such dependencies in SPARC.
更多查看译文
关键词
privacy-preserving
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要