论文部分内容阅读
The advent of virtual machine monitor (VMM),namely Hypervisor has impacted thevirtualization world and brought up a possibility to run one or more virtual machines with avariety of operating systems that share the same virtualized hardware resources.Thus,this approach has been used to develop a new way of protecting and maintaining the availabilityof information so to build a trusted computing environment such as the proactive recoverymethod that allows the replicated instances to tolerate an unlimited number of malicious faultsby periodical rejuvenation of replicas.And with the computing power increasing every 18months,now with the current hardware available on the market,we can make a single hostthat can contain multiple clusters of virtual machines. Our approach consists of creating a double layer cluster system that will have eachcluster running 3f+1 instances(VM) of the same operating system different from otherclusters on a single host,and uses a dispatcher to ensure the random access to the instance,soto increase the resiliency of the system.This approach does not allow communication between the replicas or instances instead the replicas manager is in charge of thecommunication this is to avoid the spread of infection in case of an attack and the replicas cock is maintained by the replicas manager.The resilience of our approach is presented in three steps that consist of the dispatcher which use an algorithm to obfuscate ports and IP addresses of the online instances.While this is not a replacement for cryptographic methods,the described port number randomization algorithms provide improved security/obfuscation with very little effort and without any key management overhead.The system is maintained through the clusters manager which the administrator can access to manually switch off acluster so to maintain it, and the administrator can check the status of the online replicas via amonitoring system.