Nested Virtualization meets Micro-Hypervisors: Towards a Virtualization Architecture for User-Centric Multi-Clouds
Alex PALESANDRO, Marc LACOSTE, Nadia BENNANI, Chirine GHEDIRA-GUEGAN
SEC2 - 30 June 2015, Lille

Is this the best of all possible clouds?
[Figure labels: Telco 1 Realm, Telco 2 Realm, Data Center, PoPs, CPEs, Wide Area Network, OTT Cloud Provider Realm, Customer Private Cloud Data Center]
New Applications Domains:
• IoT
• Healthcare
• Tele-medicine
New challenges:
• High Availability
• Strong isolation Hierarchy
• Data and Execution state
• Network Security Hierarchy
• Enhanced scalability
• Privileged point of control

From requirements to virtualization design
[Figure: requirements (Interoperability, Minimal TCB, User Control, Legacy support) related to design elements (Nested Virtualization, Micro-Hypervisors, Component-Based Hypervisors)]

A first Distributed Virtualization Architecture
[Figure: architecture with an Upper Layer and a Lower Layer]

Proof-of-concept and Next Steps
• Implementation:
  – Lower Layer (LL) based on Nova hypervisor
    • Extensions to support nested virtualization are under investigation
  – Upper Layer (UL) based on OpenStack with multiple virtualization technologies
    • Evaluating multi-provider architecture
• Future work:
  – Automated cross-layer/cross-domain security management
    • VESPA framework for automated security monitoring
    • User/Provider security policy reconciliation

Thank you!!!
• Questions?
• Contact: alex.palesandro@orange.com