[Virtual Security on I.T. Systems]

By

ACKNOWLEDGEMENT

I would take this opportunity to thank my research supervisor, family and friends for their support and guidance without which this research would not have been possible

DECLARATION

I, [type your full first names and surname here], declare that the contents of this dissertation/thesis represent my own unaided work, and that the dissertation/thesis has not previously been submitted for academic examination towards any qualification. Furthermore, it represents my own opinions and not necessarily those of the University

Signed __________________ Date _________________

ABSTRACT

Virtualization is one of the enabling technologies of cloud computing. It turns once dedicated physical computing resources such as servers into digital resources that can be provisioned on demand. Cloud computing thus tends to replace physical with digital security controls, and cloud security must be understood in this context. In spite of extensive research on new hardware-enabled solutions such as trusted platforms, not enough is known about the actual physical-digital security trade-off in practice. In this paper, we review what is currently known about security aspects of the physical-digital trade-off, and then report on three case studies of private clouds that use virtualization technology, with the purpose of identifying generalizable guidelines for security trade-off analysis. We identify the important security properties of physical and digital resources, analyze how these have been traded off against each other in these cases, and what the resulting security properties were, and we identify limits to virtualization from a security point of view. The case studies show that physical security mechanisms all work through inertness and visibility of physical objects, whereas digital security mechanisms require monitoring and auditing. We conclude with a set of guidelines for trading off physical and digital security risks and mitigations. Finally, we show how our findings can be used to combine physical and digital security in new ways to improve virtualization and therefore also cloud security.

TABLE OF CONTENTS

ACKNOWLEDGEMENTII

DECLARATIONIII

ABSTRACTIV

CHAPTER 1: INTRODUCTION1

Background of the study1

Problem Statement5

Purpose of the study6

Rationale of the study7

Significance of the study7

CHAPTER 2: LITERATURE REVIEW11

CHAPTER 3: METHODOLOGY29

Sampling and data collection29

Data analysis30

CHAPTER 4: RESULTS & DISCUSSION37

CHAPTER 5: CONCLUSION43

REFERENCES45

APPENDICES49

CHAPTER 1: INTRODUCTION

Background of the study

As virtual servers move into production, IT needs to address security and compliance issues. Sensibly, they use host-based security such as antivirus and anti-malware agents. However, they also use network tools to protect virtual servers exactly as if they were simply very thin, very densely stacked rack mount boxes. For example, XP Anti-Virus 2011 or also known as Vista Anti-virus 2011 and Win 7 Anti-virus 2011 is a rogue program that will be installed on multiple operating system. XP Anti-virus 2011 is a variant that will be installed on the system running under Windows XP as detected by the Trojan. It has the capability to gather system's specifications to match the OS and make itself look like a legitimate application.  Regardless of the name, these are all the same program developed to persuade computer users and convince them to buy the licensed version by deceptive means. Eiee by pop-up alerts or task bar warning messages, XP Anti-virus 2011 will declare that computer ...