Open Access  Subscription or Fee Access

Virtualization is playing a vital role in various organizations by providing high flexibility to their environment. The users are getting tremendous benefits in terms of cost, utilization and efficiency. It promises to overcome the pitfalls in the traditional computing & provides the best solutions. Though Virtualization has many advantages over traditional computing, many organizations still have the dilemma to implement virtualization because of the security concerns. This paper provides the literature survey of virtualization, types of virtualization technologies and possible threats in virtual environment. We are providing a list of best practices and considerations which any organization must consider before implementing virtualization in their environment.

Denial of Service, Hypervisor, State Restore, Threats, Virtual Machine.

Jenni Susan Reuben,A Survey on Virtual Machine Security.www.tml.tkk.fi/Publications/C/25/papers/Reuben_final.pdf.

J. Kirch. Virtual machine security guidelines. The center for Internet Security, September 2007.http://www.cisecurity.org/tools2/vm/CIS_VM_Benchmark_v1.0.pdf.

Tal Garfinkel Mendel Rosenblum, when Virtual is Harder than Real: Security Challenges in Virtual Machine Based Computing Environments. www.stanford.edu/~talg/papers/HOTOS05/virtual-harder-hotos05.pdf

T. Garfinkel, B. Pfaff, J. Chow, and M. Rosenblum. Data lifetime is a systems problem. In Proc. 11th ACM SIGOPS European Workshop, September 2004.

Abhijit shroff and Venkata Reddy Donthireddy. www.infosys.com/virtualization-imperatives-performance.pdf

Doug Hyde, A Survey on the Security of Virtual Machines. Www1.cse.wustl.edu/~jain/cse571-09/ftp/vmsec/index.html.

T. Ormandy, An Empirical Study into the Security Exposure to Hosts of Hostile Virtualized Environments. http://taviso.decsystem.org/virtsec.pdf

T. Olzak, Secure hypervisor-based virtual server environments Tech Republic, 2007. http://blogs.techrepublic.com.com/security/p=160

B. Payne, M. Carbone, W. Lee, Secure and Flexible Monitoring of Virtual Machines, IEEE Xplore, 2007. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=4413005

L. McLaughlin, How to Find and Fix 10 Real Security Threats on Your Virtual Servers, CIO, 2007. http://www.cio.com/article/154950

S. King, P. Chen, and SubVirt: Implementing malware with virtual machines, IEEE Symposium on Security and Privacy, 2006. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=1624022

Jim D. Hietala, Top virtualization security mistakes (and How to avoid them), www.sans.org/reading.../McAfee_Catbird_Virtualization_Jul09.pdf

http://www.securityweek.com/virtual-environments-risk-inadequate-security-management-study-reveals#

Security for Virtual Environments http://esj.com/articles/2008/11/04/qa-security-for-virtual-environments.aspx

Pete Lindstrom, Attacking and Defending Virtual Environments http://www.burtongroup.com/Download/Media/AttackingAnd.pdf

Mike Lococo, Virtualization and Security Boundaries http://mikelococo.com/files/2009/virtualization-and-security-boundaries.pdf