Συλλογές : |
---|
Τίτλος : | An empirical analysis of vulnerabilities in virtualization technologies |
---|
Δημιουργός : | Gkortzis, Antonios Rizou, Stamatia Spinellis, Diomidis |
---|
Τύπος : | Text |
---|
Σημείωση : | dx.doi.org/https://doi.org/10.1109/CloudCom.2016.0093 |
---|
Φυσική περιγραφή : | 6p. |
---|
Γλώσσα : | en |
---|
Αναγνωριστικό : | http://www.pyxida.aueb.gr/index.php?op=view_object&object_id=11609 |
---|
Βιβλιογραφική Σημείωση : | Published in 2016 IEEE International Conference on Cloud Computing Technology and Science (CloudCom) |
---|
Περίληψη : | Cloud computing relies on virtualization technologies to provide computer resource elasticity and scalability. Despite its benefits, virtualization technologies come with serious concerns in terms of security. Although existing work focuses on specific vulnerabilities and attack models related to virtualization, a systematic analysis of known vulnerabilities for different virtualization models, including hypervisor-based and container-based solutions is not present in the literature. In this paper, we present an overview of the existing known vulnerabilities for hypervisor and container solutions reported in the CVE database and classified under CWE categories. Given the vulnerability identification and categorization, we analyze our results with respect to different virtualization models and license schemes (open source/commercial). Our findings show among others that hypervisors and containers share common weaknesses with most of their vulnerabilities reported in the category of security features. |
---|
Λέξη κλειδί : | IT security Virtualization Vulnerabilities Hypervisor Common Vulnerabilities and Exposures (CVE) |
---|
Διαθέσιμο από : | 2024-10-25 11:51:22 |
---|
Ημερομηνία έκδοσης : | 2016 |
---|
Ημερομηνία κατάθεσης : | 2024-10-25 11:51:22 |
---|
Αναφορά : | A. Gkortzis, S. Rizou and D. Spinellis, "An Empirical Analysis of Vulnerabilities in Virtualization Technologies," 2016 IEEE International Conference on Cloud Computing Technology and Science (CloudCom), Luxembourg, Luxembourg, 2016, pp. 533-538, doi: 10.1109/CloudCom.2016.0093. |
---|
Δικαιώματα χρήσης : | Free access |
---|
Άδεια χρήσης : |
---|