Friday, February 15, 2008

Security: Replicating Virtual Servers Vulnerable to Attack

Replicating Virtual Servers Vulnerable to Attack
Network World (02/15/08) Greene, Tim
Jon Oberheide, a PhD candidate at the University of Michigan, says there is a big security risk related to virtualization. He says that one of the most attractive features of virtualization--the ability to spontaneously replicate virtual servers in order to meet demand--increases the risk of attacks such as data theft and denial of service. Oberheide attributes this increased risk to two facts: authentication between machines is weak when a virtual machine moves from one physical server to another, and virtual-machine traffic between physical machines is unencrypted. However, there are two solutions to these problems, Oberheide says. A short-term solution is to install hardware-based encryption on all the physical servers that might send or receive virtual machines, while a long-term solution is to incorporate strong authentication into virtual machine software. Oberheide has developed a proof-of-concept tool that he used in a lab to launch man-in-the-middle attacks against virtual machines as they moved from one physical server to another. Nemertes Research analyst Andreas Antonopoulos says Oberheide's work is fascinating, and adds that virtual servers face much more basic challenges. "Our entire security infrastructure has been built around a static model, and as we're virtualizing everything else, the virtualization of security is lagging by a tremendous amount," he says. "That's causing real problems in architecture decisions today."