By Jan De Clercq
To secure a converged cloud, begin with the virtual machines (VMs) provisioned within it. A converged cloud environment commonly uses virtualization and VMs. In the context of cloud computing security, the term VM applies to both VM images and VM instances. A VM instance is an operational copy of a VM image.
To assure VM security—namely confidentiality, integrity and availability protection—during the VM lifecycle, you should use secure VM lifecycle management to provide security services. Secure VM lifecycle management can be split into a set of key stages and functions for both the VM image and the VM instance.
The stages and functions of a VM image lifecycle are:
- VM image creation. A VM image must be secure by default. It must be created using a secure VM development process where the necessary hardening and configuration settings are defined and applied to a “standard” VM image.
- VM image storage. VM image storage securely stores the VM image, providing sufficient confidentiality, integrity, and availability protection, and assures that only authorized users can access the VM image from storage.
- VM image patching. VM image patching assures that VM images contain the latest patches and security fixes to remain protected from vulnerabilities and threats.
- VM image backup and restore. VM image backup and restore assures that VM images are maintained and can remain operational even in the event of a failure or natural disaster.
- VM image deletion. VM image deletion assures that VM images are properly deleted from storage and that no traces are left. It requires access control mechanisms to authorize VM deletion as well as secure deletion controls, such as zeroing and wiping solutions.
The stages and functions of a VM instance lifecycle are:
- VM provisioning and de-provisioning. VM provisioning and de-provisioning automates the instantiation (from a VM image) and removal of an operational VM instance. It also provides lifecycle tracking, which maintains a log of all actions that occur during the life of a VM, including traces of all VM-related administrative and configuration actions.
  VMs must be provisioned to a Virtual Machine Manager (VMM) instance in a secure way. This requires proper access control to decide who is authorized to provision a certain VM to a VMM, and it also calls for secure communication and auditing (activity monitoring) controls. The same applies to VM de-provisioning.
- VM operation. VM instances must be used and managed in a secure way. This has implications for all actors using the VM instance. It requires access control and secure communication mechanisms. In a multi-tenant cloud environment, it’s important to have proper security isolation between the VMs of different tenants.
- VM migration. VM migration occurs when a VM is manually or automatically moved between different VMMs that are part of the same or different cloud platforms. Migration must be done over secure communication channels and can only be executed after the person or service initiating the migration has been properly authenticated and authorized.
- VM archiving. VM archiving is used to maintain, on a storage platform, a copy of a VM image that is not in use. It can be subjected to Information Lifecycle Management (ILM) policies and retention requirements. VM archiving requires access control mechanisms to initiate archiving and authorize access to archiving storage providers; secure backup and recovery to make sure the archive is effectively maintained even in the event of a failure or disaster; and secure archival storage to ensure the archive provides confidentiality and integrity protection, which is typically achieved using encryption and integrity protection mechanisms.
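
The provisioning controls in the list above (authorization to provision to a VMM, integrity of the stored image, and lifecycle tracking) can be sketched as follows. This is an added example, not code from the original article or from HP; the key, user names, VMM name and sample image bytes are constructed assumptions, and the HMAC-tagged manifest and hash-chained log are one possible design.

```python
import hashlib, hmac, json

# Assumptions for illustration: key, user names and VMM name are constructed.
MANIFEST_KEY = b"demo-manifest-key"   # would live in a KMS/HSM, not in code
POLICY = {("alice", "provision", "vmm-01")}   # (user, action, VMM) allow-list
SAMPLE_IMAGE = b"constructed-golden-image-bytes"  # stand-in for an image file

def _tag(digest):
    return hmac.new(MANIFEST_KEY, digest.encode(), hashlib.sha256).hexdigest()

def sign_manifest(image):
    """At image creation: record the image digest and an HMAC tag over it."""
    digest = hashlib.sha256(image).hexdigest()
    return {"sha256": digest, "tag": _tag(digest)}

def image_is_intact(image, manifest):
    """Reject a forged manifest first, then compare the image to its digest."""
    if not hmac.compare_digest(_tag(manifest["sha256"]), manifest["tag"]):
        return False
    return hmac.compare_digest(hashlib.sha256(image).hexdigest(), manifest["sha256"])

def _link(prev, event):
    return hashlib.sha256((prev + json.dumps(event, sort_keys=True)).encode()).hexdigest()

def append_event(log, event):
    """Lifecycle tracking: each record commits to the hash of the previous one."""
    prev = log[-1]["hash"] if log else "0" * 64
    log.append({"event": event, "prev": prev, "hash": _link(prev, event)})

def log_is_intact(log):
    """Recompute the chain; an edited or reordered record breaks it."""
    prev = "0" * 64
    for rec in log:
        if rec["prev"] != prev or rec["hash"] != _link(prev, rec["event"]):
            return False
        prev = rec["hash"]
    return True

def provision(log, user, vmm, image, manifest):
    """Gate: authorization, then image integrity; every decision is logged."""
    if (user, "provision", vmm) not in POLICY:
        result = "denied:unauthorized"
    elif not image_is_intact(image, manifest):
        result = "denied:image-integrity"
    else:
        result = "allowed"
    append_event(log, {"action": "provision", "user": user, "vmm": vmm, "result": result})
    return result
```

The chain is only tamper-evident if its latest hash is also kept somewhere the VM administrators cannot rewrite, since the chain itself is unkeyed and can be recomputed end to end.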
Secure Virtual Machine Image and Instance Lifecycle Management
This is the second article in my "Cloud Security" series. These are the links to the rest of the installments:
- (Previous article) NEW Cloud Security Series: Enable 5 Key Security Processes to Protect a Converged Cloud (link)
- Part 2/Service Aggregation and Cloud Bursting: Enable 5 Key Security Processes to Protect a Converged Cloud (link)
- Part 3/Secure Virtual Machine Lifecycle Management: Enable 5 Key Security Processes to Protect a Converged Cloud (link)
- Part 4/Secure Universal Remote Access: Enable 5 Key Security Processes to Protect a Converged Cloud (link)
- Part 5/Secure Federated Identity Management: Enable 5 Key Security Processes to Protect a Converged Cloud (link)
Jan De Clercq is a solution architect with HP's worldwide HP Technology Consulting IT assurance portfolio team. He focuses on cloud security, identity and access management, mobility security, and security for Microsoft platforms and solutions.