Integrated Security Architecture for Virtual Machines

Vijay Varadharajan*, Udaya Tupakula

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionpeer-review


Currently virtualisation technology is being deployed widely and there is an increasing interest on virtualisation based security techniques. There is a need for securing the life cycle of the virtual machine based systems. In this paper, we propose an integrated security architecture that combines access control, intrusion detection and trust management. We demonstrate how this integrated security architecture can be used to secure the life cycle of virtual machines including dynamic hosting and allocation of resources as well as migration of virtual machines across different physical servers. We discuss the implementation aspects of the proposed architecture and show how the architecture can counteract attack scenarios involving malicious users exploiting vulnerabilities to achieve privilege escalation and then using the compromised machines to generate further attacks.

Original languageEnglish
Title of host publicationSecurity and privacy in communication networks
Subtitle of host publication9th International ICST Conference, SecureComm 2013 Sydney, NSW Australia, September 2013 Revised Selected Papers
EditorsTanveer Zia, Albert Zomaya, Vijay Varadharajan, Morley Mao
Place of PublicationCham
PublisherSpringer, Springer Nature
Number of pages14
ISBN (Print)9783319042824
Publication statusPublished - 2013
Event9th International ICST Conference on Security and Privacy in Communication Networks (SecureComm) - Sydney, Australia
Duration: 25 Sep 201328 Sep 2013

Publication series

NameLecture Notes of the Institute for Computer Sciences Social Informatics and Telecommunications Engineering
ISSN (Print)1867-8211


Conference9th International ICST Conference on Security and Privacy in Communication Networks (SecureComm)


  • Virtualisation
  • Trusted computing
  • Access Control
  • Intrusion detection
  • Security attacks

Cite this