A Security-Awareness Virtual Machine Management Scheme Based on Chinese Wall Policy in Cloud Computing
Si Yu Xiaolin Gui Jiancai Lin Feng Tian Jianqiang Zhao and Min Dai
The security-awareness VMs management scheme (SVMS), a VMs isolation enhancement scheme to defend against side channel attacks, is proposed. First, we use the aggressive conlict of interest relation(ACIR) and aggressive in ally with relation(AIAR) to describe user constraint relations. Second, based on the Chinese wall policy, we put forward four isolation rules. hird, the VMs placement and migration algorithms are designed to enforce VMs isolation between the conlict users. Finally, based on the normal distribution, we conduct a series of experiments to evaluate SVMS.