JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE) ›› 2017, Vol. 52 ›› Issue (3): 60-67.doi: 10.6040/j.issn.1671-9352.2.2016.105

Previous Articles     Next Articles

A software update mechanism for virtual machines in IaaS multi-tenant environment

CHEN Guang-rui, CHEN Xing-shu*, WANG Yi-tong, GE Long   

  1. College of Computer Science, Sichuan University, Sichuan 610065, Chengdu, China
  • Received:2016-08-16 Online:2017-03-20 Published:2017-03-20

PDF (PC)

506

Abstract: To facilitate the management of software versions in Virtual Machines(VMs)in Infrastructure as a Service(IaaS)environment and reduce the potential security issue is introduced by outdated softwares, a software update mechanism was studied. Firstly, a unified management framework was proposed, and the update tasks are managed by platform instead of users themselves. And then, the mechanism accesses the update service to tenant network using Linux Network Namespace, and isolates the different tenants update services. Lastly, for the same update tasks, this mechanism distributes the software packages in reliable multicast way, which greatly reduces network traffics and saves network resources. The result showed that this mechanism could effectively improve the efficiency of software distribution, save the network resources, reduce the CPU consumption, and ensure the isolation of different tenants update services.

Key words: cloud computing, patch update, reliable multicast, network virtualization, software update, IaaS

CLC Number: 

  • TP393
[1] 中国国家标准化管理委员会. GB/T 31167-2014信息安全技术: 云计算服务安全指南[S].北京:中国标准出版社,2014. Standardization Administration of the Peoples Republic of China. GB/T 31167-2014 Information security technology-security guide of cloud computing service[S]. Beijing: Standards Press of China, 2014.
[2] 陈兴蜀,罗永刚,罗锋盈.《信息安全技术 云计算服务安全指南》解读与实施[M].北京:科学出版社,2015. CHEN Xingshu, LUO Yonggang, LUO Fengying. The interpretation and implementation of Information security technology-Security guide of cloud computing service[M]. Beijing: Science Press, 2015.
[3] Cloud Security Alliance. Cloud Controls Matrix v3.0[EB/OL].(2016-03-18)[2016-05-05]. https://downloads.cloudsecurityalliance.org/initiatives/ccm/CSA_CCM_v3.0.xlsx
[4] BRUNETTE G, MOGULL R. Security guidance for critical areas of focus in cloud computing v3.0[M]. Toronto: Cloud Security Alliance, 2011: 1-177.
[5] KRUTZ R L, VINES R D. Cloud security: a comprehensive guide to secure cloud computing[M]. New York: John Wiley & Sons, 2010.
[6] 王含章. 可信云计算平台模型的研究及其改进[D]. 合肥: 中国科学技术大学, 2011. WANG Hanzhang. Research and improvement on the model of trusted cloud computing platform[D]. Hefei: University of Science and Technology of China, 2011.
[7] DIOGENES Y, GILBERT J, GRONLUND C J. Best practices for software updates on Microsoft Azure IaaS[EB/OL].(2016-03-22)[2016-05-06]. https://azure.microsoft.com/zh-cn/documentation/articles/azure-security-best-practices-software-updates-iaas
[8] 阿里云.阿里云盾补丁管理[EB/OL].[2016-05-06]. https://help.aliyun.com/product/9091838_28360.html?spm=5176.776708449.6.66.8rblHE Alibaba Cloud, Patch Management in Alibaba Cloud[EB/OL].[2016-05-06]. https://help.aliyun.com/product/9091838_28360.html?spm=5176.776708449.6.66.8rblHE
[9] LIU Kai, ZOU Deqing, JIN Hai. Software Update as a Service for the IaaS Cloud[C] // IEEE International Conference on Services Computing. New York: IEEE, 2015: 483-490.
[10] YAMATO Y. Automatic verification technology of software patches for user virtual environments on IaaS cloud[J]. Springer Journal of Cloud Computing, 2015, 10:S165-S167.
[11] YAMATO Y. Automatic verification for plural virtual machines patches[C] // International Conference on Ubiquitous and Future Networks. Sapporo: IEEE Computer Society, 2015: 837-838.
[12] YAMADA H, TONOSAKI S, KONO K. Efficient update activation for virtual machines in Iaas cloud computing environments[J]. IEICE Transactions on Information and Systems, 2014, E97-D(3): 469-479.
[13] UFTP-Encrypted UDP based FTP with multicast[EB/OL].[2016-05-06]. http://uftp-multicast.sourceforge.net/
[14] 陈兴蜀, 胡亮, 陈广瑞, 等.虚拟网络环境下安全服务接入方法[J].华中科技大学学报(自然科学版), 2016,44(3):49-54. CHEN Xingshu, HU Liang, CHEN Guangrui, et al. Security service access method for virtual network[J]. Journal of Hangzhou University of Science and Technology(Natural Science Edition), 2016, 44(3):49-54.
[15] LAURIKAINEN R. Improving the efficiency of deploying virtual machines in a cloud environment[D]. Degree Programme of Computer Science and Engineering, School of Science, Aalto University, 2012.
[1] WANG Xiao-yan, CHEN Xing-shu, WANG Yi-tong, GE Long. Performance measurement and analysis of cloud computing network based on OpenStack [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2018, 53(1): 30-37.
[2] HAN Pan-pan, QIN Jing. Verifiable and searchable encryption scheme for outsourced database in cloud computing [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2017, 52(9): 41-53.
[3] HUANG Yu-qing, ZHAO Bo, XIAO Yu, TAO Wei. A vTPM-VM live migration scheme based on KVM [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2017, 52(6): 69-75.
[4] YAO Ke, ZHU Bin-rui, QIN Jing. Verifiable public key searchable encryption protocol based on biometrics [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2017, 52(11): 11-22.
[5] . An approach of detecting LDoS attacks based on the euclidean distance of available bandwidth in cloud computing [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2016, 51(9): 92-100.
[6] CAI Hong-yun, TIAN Jun-feng. Research of data privacy protection for cloud computing [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2014, 49(09): 83-89.
[7] LUO hai-yan, LÜ Ping, LIU Lin-zhong, YANG Xun. Enterprises trust comprehensive evaluation based on fussy rough AHP in cloud computing [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2014, 49(08): 111-117.
[8] LIU Yang, QIN Feng-lin, GE Lian-sheng. Measurement study of cloud computing: a survey [J]. J4, 2013, 48(11): 27-35.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
Copyright 2018 © Editorial office of JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE)
Supported by Beijing Magtech Co.Ltd