Hypervisor Security Analyses Based on Ishikawa Methodology

Svetlana Kolesnikova
2018 Journal of Computers  
Nowadays Virtualization is an underlying technology in cloud computing that simplifies data center management improves corporate resource utilization, minimizes IT hardware costs. However, cloud environment faces new security challenges as the architecture of virtualized environments differs dramatically from non-virtualized. The traditional security methods cannot be applied any more to secure system in effective way as it used to be in the past. New approaches should be applied in order to be
more » ... able to meet new security challenges of technology. In this research, we apply Ishikawa approach, method from Quality Management System in order to identify many possible causes and factors for hypervisor security risks. In addition to that, to better structure the risks we based Ishikawa method on traditional security model, STRIDE Model, proposed by Microsoft. Hence, this paper firstly analyses malicious environment of virtualization technology. Secondly, it applies quality-based methodology for security analyses. As a result, we see that such approach helps to identify preventive security countermeasures that have to be considered at the earlier stage before real attacks occur. questions of software code design and development. Ishikawa Model Research in security of virtualization technology concentrates mostly on particular vulnerabilities exploiting. Consequently, there is often excessive emphasis of effort on vulnerabilities, or a vulnerability-driven approach in cloud computing services, whereas little effort has been done to identify general root problems of security issues. System vulnerabilities and incidents are paid attention at a micro level rather than addressing larger scale threat scenarios and patterns and further risk mitigation strategies development. Thus, in this research we apply Fishbone or Ishikawa diagram to determine Security characteristic using a structured approach. Our motivation came from its main advantage to outline the root causes of a problem, security issue, in our case. The Fishbone diagram has been originally used to identify and group the causes of quality problem on the production line. Thereafter, it has been widely adopted in Quality Management. This methodology was named after Kaoru Ishikawa, a Japanese quality control statistician, the man who pioneered the use of this chart in the 1960's [14] . The Fishbone diagram is an analysis tool that provides a systematic way of looking at effects and the causes that create or contribute to those effects. Because of the function of the Fishbone diagram, it may be referred to as a cause-and-effect diagram [15] . Hence, we apply Ishikawa diagram for hypervisor security risks analysis. This methodology outlines in diagrammatic form the causes that may generate a given outcome. We stated the outcome as a compromised hypervisor. Furthermore, each main cause we corresponded to a threat, defined by STRIDE Model: Spoofing, Tampering, Repudiation, Information Disclosure, Denial-of-Service, and Elevation of Privileges. The diagram identifies hypervisor security concerns as those uncertain events that could result in occurrence of the impact. Fig. 2 . Hypervisor security cause effect analysis based on Ishikawa diagram. Compromised Hypervisor
doi:10.17706/jcp.13.5.511-518 fatcat:no7qam5f5rd4bj4p52hh2k4xzu