Virtualization in Mobile Clouds: Is Security Only Virtual?
Advances in virtualization technologies are one of the key factors fueling the growth of cloud computing, in particular for mobile clouds. However, security is a major concern for cloud adoption. Such concerns are most acute in the IaaS (Infrastructure as a Service) service model, where a breach in infrastructure security may bring down an entire cloud system. What are the main threats against IaaS platforms and their mobile cloud extensions? How can Virtual Machines (VMs) and the hypervisor be protected?
This talk attempts to answer those key questions, which have so far been only very partially addressed. After reviewing the main threats on virtualization platforms, illustrated with a set of recent attacks, we describe the design and implementation of solutions to protect VMs, such as security appliances or virtual machine introspection. We then focus on protection of the hypervisor, the cornerstone of IaaS and mobile cloud security. After a survey of the countermeasures included in current mainstream hypervisors, we give an overview of possible approaches in hypervisor architecture to make the hypervisor “secure by design”. We also give some insight into recent evolutions in system virtualization security for IaaS and mobile clouds, such as micro-hypervisors, embedded virtual machine monitors, automated IaaS security management, or the potential of nested virtualization to achieve both cross-layer and end-to-end security.
About the speaker
Dr. Marc Lacoste is a senior research scientist in the Security Department of Orange Labs. His main research interests are in security architecture, notably in cloud computing security, self-protecting systems, and open security kernels. He contributed to several European projects such as E2R, investigating self-protection for Beyond 3G networks. He has served on several major conference program committees. A member of the ACM, he has also published numerous security research papers in international conferences, and holds several patents in this area. Dr. Lacoste received engineering degrees from Ecole Polytechnique and Télécom ParisTech, and holds a PhD in Computer Science from the University of Grenoble, France.
Vehicular Cloud Computing
Mobile Cloud Computing is a new field of research that aims to study mobile agents (people, vehicles, robots) as they interact and collaborate to sense the environment, process the data, propagate the results and more generally share resources. Mobile agents collectively operate as Mobile Clouds enabling environment modeling, content discovery, data collection and other mobile applications in a way that is not possible, or not efficient, with the conventional Internet Cloud alone.
This tutorial will focus on the Vehicular Cloud. The basic VANET building blocks are reviewed (Spectrum Management, MAC protocols, Routing) and Vehicle Cloud applications are presented, ranging from safe navigation to urban sensing/surveillance and intelligent transportation. The cooperation between Vehicular Clouds and the Internet Cloud is discussed in the context of a vehicular traffic management application.
About the speaker
Dr. Mario Gerla is a Professor in the Computer Science Dept at UCLA. He holds an Engineering degree from Politecnico di Milano, Italy and the Ph.D. degree from UCLA. He became an IEEE Fellow in 2002. At UCLA, he was part of the team that developed the early ARPANET protocols under the guidance of Prof. Leonard Kleinrock. He joined the UCLA Faculty in 1976.
At UCLA he has designed network protocols including ad hoc wireless clustering, multicast (ODMRP and CODECast) and Internet transport (TCP Westwood). He has led the ONR MINUTEMAN project, designing the next generation scalable airborne Internet for tactical and homeland defense scenarios. He is now leading several advanced wireless network projects under Industry and Government funding. His team is developing a Vehicular Testbed for safe navigation, content distribution, urban sensing and intelligent transport. Parallel research activities are wireless medical monitoring using smart phones and cognitive radios in urban environments.
He has served as a Technical Program Committee member of many international conferences, and is active in the organization of conferences and workshops, including MedHocNet and WONS. He serves on the IEEE TON Scientific Advisory Board. He was recently recognized with the annual MILCOM Technical Contribution Award for 2011 and the IEEE Ad Hoc and Sensor Network Society Achievement Award in 2011.