Show/Hide Menu
Hide/Show Apps
Logout
Türkçe
Türkçe
Search
Search
Login
Login
OpenMETU
OpenMETU
About
About
Open Science Policy
Open Science Policy
Communities & Collections
Communities & Collections
Help
Help
Frequently Asked Questions
Frequently Asked Questions
Guides
Guides
Thesis submission
Thesis submission
MS without thesis term project submission
MS without thesis term project submission
Publication submission with DOI
Publication submission with DOI
Publication submission
Publication submission
Supporting Information
Supporting Information
General Information
General Information
Copyright, Embargo and License
Copyright, Embargo and License
Contact us
Contact us
Secure model for efficient live migration of containers
Download
index.pdf
Date
2019
Author
Mavuş, Zeynep
Metadata
Show full item record
This work is licensed under a
Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License
.
Item Usage Stats
238
views
194
downloads
Cite This
Cloud services have become increasingly widespread in the past decade due to their ability to reduce the complexity and cost of managing computers and networks. Cloud applications are run in virtualized environments such as virtual machines and containers to be able to allocate resources in an inexpensive manner. Both of these approaches require effective resource utilization, for which an important enabling technology is live migration, which involves moving a service from one host to another with the minimum possible downtime. Live migration is also required for system maintenance, load balancing, and protecting services from attacks through moving target defense. While migrating a service, the system should not be vulnerable to attacks. In this work, we propose a secure model for efficient live migration of containers. Because the applications are isolated from each other while running in Docker containers, checkpointing was used to generate the required migration data. In our proposed model, we provide security of the migration data using secure authentication, and ensuring all connections between the nodes are protected to provide communication security, making the system protected against migration attacks. The efficiency of the migration system designed based on the proposed model has been proven on stateless and stateful sample applications. Experiments with sample applications running on the Docker container platform demonstrate that the proposed approach achieves significantly better performance than its virtual machine live migration counterpart.
Subject Keywords
Virtual storage (Computer science).
,
Keywords: Live Migration
,
Container
,
Virtual Machine
,
Docker
,
CRIU
,
Security.
URI
http://etd.lib.metu.edu.tr/upload/12623828/index.pdf
https://hdl.handle.net/11511/44684
Collections
Graduate School of Natural and Applied Sciences, Thesis
Suggestions
OpenMETU
Core
A secure model for efficient live migration of containers
Mavus, Zeynep; Angın, Pelin (2019-09-01)
Cloud services have become increasingly widespread in the past decade due to their ability to reduce the complexity and the cost of managing computers and networks. Cloud applications are run in virtualized environments such as virtual machines and containers to be able to allocate resources in an inexpensive manner. Both of these approaches require effective resource utilization, for which an important enabling technology is live migration, which involves moving a service from one host to another with the ...
A Joint resource allocation system for cloud computing /
Dikbayır, Hüseyin Seçkin; Bazlamaçcı, Cüneyt Fehmi; Department of Electrical and Electronics Engineering (2014)
Cloud computing is a new trend in computing, where resources such as servers, storage devices and software applications are provided to customers over the Internet. It is typically based on a pay-per-use model similar to renting a car or taking a taxi in our daily life. The primary purpose of a cloud system is to utilize available resources effectively to provide an economic benefit to customers. To succeed in this, jobs initiated by consumers are allocated to a set of virtual machines (VM) that run in big ...
EPICS: A Framework for Enforcing Security Policies in Composite Web Services
Ranchal, Rohit; Bhargava, Bharat; Angın, Pelin; ben Othmane, Lotfi (Institute of Electrical and Electronics Engineers (IEEE), 2019-05-01)
With advances in cloud computing and the emergence of service marketplaces, the popularity of composite services marks a paradigm shift from single-domain monolithic systems to cross-domain distributed services, which raises important privacy and security concerns. Access control becomes a challenge in such systems because authentication, authorization and data disclosure may take place across endpoints that are not known to clients. The clients lack options for specifying policies to control the sharing of...
An MTD-Based Self-Adaptive Resilience Approach for Cloud Systems
VİLLARREAL VASQUEZ, Miguel; BHARGAVA, Bharat; Angın, Pelin; AHMED, Norman; GOODWİN, Daniel; BRİN, Kory; KOBES, Jason (2017-06-30)
Advances in cloud computing have made it a feasible and cost-effective solution to improve the resiliency of enterprise systems. However, the replication approach taken by cloud computing to provide resiliency leads to an increase in the number of ways an attacker can exploit or penetrate the systems. This calls for designing cloud systems that can accurately detect anomalies and dynamically adapt themselves to keep performing mission-critical functions even under attacks and failures. In this paper, we pro...
Open-Source Big Data Analytics Architecture for Businesses
Gökalp, Mert Onuralp; Koçyiğit, Altan; Eren, Pekin Erhan (null; 2020-01-23)
Unaware of existing big data technologies, organizations fail to develop a big data capability despite its disruptive impact on today's competitive business environment. To determine the shortcomings and strengths of developing a big data architecture with open-source tools from technical and managerial perspectives, this study (1) systematically reviews the available open-source big data technologies to present a comprehensive picture, and (2) proposes an open-source architecture for businesses to take as ...
Citation Formats
IEEE
ACM
APA
CHICAGO
MLA
BibTeX
Z. Mavuş, “Secure model for efficient live migration of containers,” Thesis (M.S.) -- Graduate School of Natural and Applied Sciences. Computer Engineering., Middle East Technical University, 2019.
