Privacy-preserving virtual machine checkpointing mechanism Online publication date: Sun, 14-Sep-2014
by Mikhail I. Gofman; Ruiqi Luo; Chad Wyszynski; Yaohui Hu; Ping Yang; Kartik Gopalan
International Journal of Cloud Computing (IJCC), Vol. 3, No. 3, 2014
Abstract: Virtual machines (VMs) have been widely adopted in cloud platforms to improve server consolidation and reduce operating costs. VM checkpointing is used to capture a persistent snapshot of a running VM and to later restore the VM to a previous state. Although VM checkpointing eases system administration, such as in recovering from a VM crash or undoing a previous VM activity, it can also increase the risk of exposing users' confidential data. This is because the checkpoint may store a VM's physical memory pages and disk contents that contain confidential data such as clear text passwords and credit card numbers. This paper presents the design and implementation of SPARC, a Security and Privacy AwaRe virtual machine Checkpointing mechanism. SPARC enables users to selectively exclude users' confidential data within a VM from being checkpointed. We describe the design challenges in effectively tracking and excluding process-specific memory and disk contents from the checkpoint file for a VM running on the commodity Linux operating system. We also present techniques to track process dependencies due to inter-process communication and to account for such dependencies in SPARC.
Online publication date: Sun, 14-Sep-2014
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Cloud Computing (IJCC):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email firstname.lastname@example.org