The History Of The Virtualization Middleware

Published Date: 02 Nov 2017

For the sufficient use of resources many virtualized systems are being designed in which some of them are holding speciation in hardware, some of them is focusing on software. Some of them are binary compatible to have greater performance.

Few of them provide offer of resource isolation or performance guarantees. Xen is one the mix mood facilitated virtual machine which used middleware to provide secured resource access. so this requirement is complete by proposing the idealized virtual machine in a operating system like Linux BSD and window operating system. The aim of this design is focused to have 100 virtual machine hosting services instance which can run simultaneously on a modern server.

The virtualization methodology followed by Xen and permit different operating system like Linux windows xp so that it can be hosted simultaneously with effaning performance or any other resource overheads. Xen has facility to support plateform in order to deploy very huge verity /types of network centric services.

It provides local mirroring for the dynamic web content, media stream transcending, virtual relativity server less ephemeral network presence for transiently connected devices. It allows having 100 operating systems to run it from single server which really reduce associated cost. According to experimental results the efficiency of Xeno Linux over Xen is practically equivalent to the performance of the baseline Linux system.

According to Christopher Clark[1] It is well know that cluster environment where virtual machines are hosted on least configured hardware / physical server , such kind of servers are really need and they have great opp opportunities for dynamic load balancing of processor, memory and networking resources. So one of the major challenges is to develop software which handle the tasks of information decision. A good approach of handling such things are to cope of migrations to virtual machines. As every virtual machine migrates free resource on the node , the current study is planning to build cluster controller for Xen system.

According to proposed study integration of live OS into Xen virtual machine monitor, it helps a quicker interaction workload withn clusters and data centers. Xen has dynamic network bandwidth support in migration to exceed with minimal impact on running services. These services reduce total down time to given minimum threshold. Comprehensive study represent that real server worldoad such a can be shifted with just 210 ms downtime .

According to Christopher D. Gill[2] the reason of parallel and distributed computing to have greater computing and communication resources so that it give more consistent view for the resources presented to the application which is being used. It is really a challenge to provide such consistent virtualization in distrusted and real time systems to maintain resources such as cpu speed, power, memory bandwidth etc. To compensate with such features CORBA middleware was introduced by chirstopher D. Gill and he measured the impact of different resources in virtualized resources. It was proposed to use multi level modelling approaches in distrusted systems for efficient and flexible mechanism.

2.2 Cloud Services

Cloud services are composed to facilitate users to have scalable access to application, resources and the services they want to use. These services are managed by cloud service provider. Cloud services can dynamically extend itself to complete desired needs of its consumer. Since it will be the issue of service provider to provide the hardware and software required for the service so there isn’t any kind requirement exist for the organization to provide resource to allocate IT services. Online data storage and backup solutions, Web-based e-mail services, hosted office suites and document collaboration services, database processing are the basic examples of cloud services.

Since cloud services really reduce the cost and the complexity of getting and running computers and the networks that’s why it they are very popular nowadays. As the user of cloud, it doesn’t require for him to have an IT infrastructure, or the licensed software products. It has great features of scalability, reliability and efficiency. Since clouding computing services offers unlimited processing and the storage capacity. It is very reliable to open any required document in anywhere in the world via internet resource. These services are efficient because the firms don’t need to give focus on innovation and product development.

Benefits of cloud computing Environment

The cloud computing environment has many benefits, because of those benefits many IT and non IT firms are using cloud computing infrastructure to use services of platform, service and infrastructure. Few of those benefits are discussed below.

Payment Procedure

Payment procured of cloud computing services is quiet easy to handle for the organizations/ consumers. First of all consumer does not need to pay for whole, all consumers are only required to pay what they consumed. Similarly it doesn’t need to pay all at once; the payment procedure has incremental process which really saves the money.

Storage facility

The cloud computation environment has very dynamic storage facility, it shrink and have great elasticity. So the organization or the service consumers can easily update their data on the cloud without getting pain of installing and configuring new hardware. They just need to expend as per their required needs.

Ease of maintenance

Since all software, infrastructures and platform services are far away from the client so client does not need to worry regarding updating, configuration and getting backups of the software’s etc, it doesn’t need any online support services for the rest of giddiness of the consumer, this is all concern of the service provider to manager all consumers data and update its virtual cloud environment as per the required need.

Flexibility

Since cloud environment has great feature of elasticity, it is very shrinkable so it is very flexible in terms of updating software’s, updating data storage and configuration more updated hardware. Pervious when user store data in local data centres, they need to manage all data servers manually and has to maintain the audit logs of every server, in other words they need to manage version controlling of every server. Whereas when cloud computing services falls under the way in Information technology it eliminate to mange more in any terms. Consumer end can access their information anywhere with the stream of internet and prescribe security rights. It really doesn’t need to concern of maintain the hardware. All the license agreement and payment are the considerable job responsibilities of the service provider.

An excellent feature of virtualization services are to decoupling and separation of information. Virtual servers decouple the information and separate the business services from the infrastructure which is need to run those services. There is no hard and fast rule to get services from one particular vendors, it’s very flexible to get the service from reliable and scalable business services. Since operation cost is decrease and it increase the efficiency so it helps raid development growth for new business

2.1.1 Software-as-a-service

Software as a services are precompiled services which are accessible simply by navigating the web browser. Yahoo, Google docs, drop box are the kind of software as a services. SAAS services are can be borrowed using internet stream rather than actual purchasing of software and their configurations. It gives the view of Centralized computing technique. So all business, employees will execute their business process using internet via using SAAS services & behind that process of file saving and working will be done on internet by accessing their tools and files using any operating system web browser.

SAAS in cloud Computing

There are so many benefits of SAAS when it comes under the umbrella of cloud. The SAAS services decrease actual cost of the every consumer and stakeholders, the owner or the service provider has not concerned to consume thousand dollars to provide support on the phone. It can be maintained by simply maintaining and repairing the standalone version of the product which is online. Similarly user just has to pay nominal rental fees to have a reach on large central copy of the software.

Nowadays software exists everywhere, they help to track inventories, shipments, trains, employees and help us from good working relationship with consumers. From last twenty to thirty years many organization migrated to use software on their business continuity network. Recent yeas the traditional the process of software license updating is almost antiquated since all stakeholders change their software as service base business model. Software as a services are the model of software application which deliver web base services and deployed on the hosts which is further consumed by client. Consumers end is free from buy any hardware or software licenses. According to leading research organizations the market growth of SAAS is up to $6.3B in 2006; however its growth in 2000 has averaged 26% CAGR, where as licensed software growth has remained relatively flat. The need of SAAS is increase by real business needs, its ability to drive down IT-related costs, decrease deployment times, and foster innovation. View software as a services and traditional software is shown in figure

Description

Fig 2.1 Balance view of SAAS and Traditional Software

Security and Operational Riskhttp://cdn.wikinvest.com/i/px.gif

With all benefits SAAS has major considerations of potential security and operational risks. Since it needs proprietary organization information for the transported somewhere else using internal network so the remote security risk is always exists, there are some tools which can be used for data redundancy to improve security and reduce the risk margin.

2.1.2 Platform-as-a-service

The technology of cloud computing is dramatically change the field of information technology specifically in resource utilization field. The accessibility of newly develop applications are now faster as getting access on internet browsers. PAAS is one of the proved services model on which applications can be executed without any kind hassle of maintenances including hardware and software.

Plate form as a service provides facility to deploy web, windows base application without consuming cost and buying issues. it manages its self underlying hardware and software provision and provide all required facilities for the software which is used as a service by the consumer. It can be considered as a set of lower level service which supports software to interoperate with web server offered by cloud provider. As shown in following figure 2.2

http://www.undertheradarblog.com/wp-content/uploads/2012/02/paas.png

Fig 2.2 Platform as a service

Platform as a service offers many sub services for application design, application development, testing, deployment, host etc. it also offer team collaboration , migrations and integration of web services, integration of database management system. When any organization has platform as a service then size of the service, staff does not limit. Using platform as a service we can develop as many as new applications, services in the cloud which really doesn’t need specific platform to execute. Similarly those services or the applications can widely be access through the internet stream. PAAS provide features to develop multi tenant application which can be accessed from many users at the same time. The feature of interoperability gives the flexible environment to take the benefits of cloud while retrieving data and applications.

2.1.3 Infrastructure as a Service (IAAS)

IAAS demonstrate new way to consume IT resources including bandwidth, storage and computing power on demand base utilization. The utilization of service depends on the size of the company and its nature of business. For Small and Medium Businesses (SMBs) with a limited capital budget, IAAS shifts the capital requirement to an operational expense that tracks with the growth of the business. Even among large enterprises, infrastructure costs are a driving force for considering IAAS. Infrastructure as a services are very helpful to save to cost of organization wile modernizing and expending the IT capabilities without consuming capital resource on Infrastructure. These services are rapidly scalable, very secure and reachable to use using internet. Similarly what services you used you need to pay only for those services.

IAAS provide such a great environment to run various applications which really need intensive resources and need elasticity. There are so many examples including online games, multi tenant software, video sharing sites, online advertisement. Are the major examples of IAAS.

IAAS in cloud Model

IAAS provide great support as previously discuses, these services become more elastic and beneficial once they fall under the umbrella of clouding computing model. The processes of virtualisation update IAAS to provide services up to almost unlimited instances of the servers to the consumer to make very cost effective hosting hardware. Various organizations used IAAS service to have quick build process of new application without imposing / implementing new hardware configurations. It really doesn’t need to be monitored to manage traffic at consumer end. Figure 2.3,4 demonstrator traditional IT infrastructures which is being provided for every client / consumers.

http://www.bestpricecomputers.co.uk/images/cloud-computing-1.jpg

Fig 2.3 IT infrastructures as service

http://mikelloydtech.files.wordpress.com/2011/02/iaas.jpg

Fig 2.4 Cloud base infrastructure as a service

According to figure 2.4 clients can access on demand services e.g computing, infrastructure or any other service. It is typically platform virtualized environment so it doesn’t need any purchased hardware software configurations etc. Similarly the suppliers of the services just bill of such services which is being used by the consumer. So summarily in infrastructure as services domain the cost of consumption typically correlated with the level of activity being performed in IAAS. Services like Amazon are the best used IAAS web services.

According to Sushil Bhardwaj, Leena Jain, Sandeep Jain [10] the cloud computer paradigm is increasingly popular paradigm of the computer resource . Practically the cloud computing services are used to offer the list of services which can be categories into software as services plate form as a services and infrastructure as a service. This proposed study focused on cloud computing and discuses the features and the benefits of cloud computing mainly in terms of information a services paradigm. According to authors the main objective3s of this study is to understand the investigating regarding IIAS with their providers and consumers. Cloud environment has five primary characters which are listed below.

on-demand self-service,

broad network access,

resource pooling,

rapid elasticity,

Measured service.

Information as service suppliers and consumer

Major role in cloud environment (from the aspect of consumer and service provider), the consumer needs very secure service at anytime from anywhere with least cost consumption and the service should be flexible and has ease of use etc. One of the biggest hazards of merging business process execution using cloud has some discomfort with different areas, eg Security of service, underlying data, service availability and reliability.

Similarly it needs to make sure the all security police regarding administration service level agreement are appropriate enough. So to do that all cloud service provider has to use various tools and straight of the art approach in order to offer different services which are very secure. Similarly it should be scalable enough to change the service as per the consumer needs and it should also competitive enough to address and identify security threads. Service provider at admin level needs to monitor the usage of virtual server’s service consumptions and needs to take care regarding its optimization and adding removing various required services in terms of hardware and software on demand.

Consumption view of IAAS

By viewing the consumption end and their requirement the list of features which needs by consumption end are defined below which should be the key properties of any service provider’s server.

The provided services should be accessible / reachable from anywhere with internet stream

System should be modularized so that it can become more flexible, scalable, virtualized and automated.

Resilient in terms of flexibility and always available

No need to worry regarding applications required type support and maintenance

Provision to update maintained hardware software, space and power.

Provider’s aspect on IAAS

Provider has different aspect on IAAS, the list of features with aspect of IAAS service providers are given below.

Provide complete virtualized environment with infrastructure , platform and services

Provide and support regarding of space power and cooling of virtualized servers and cloud computing environment.

Provide feature for change as per the demand.

Provide load balancing features.

Provide easy mechanism for clone applications.

Summarily according to this research study the infrastructure as a service really offer what actually service providers provide and those services are really cost saving because the infrastructure associated with providing compute power, storage, and networking does not need to be purchased and maintained by the customer.

IAAS vendor is responsible to maintain the assets where as consumer is liable to pay for what services they are using. Information as services are very flexible since they are offering the appealing service with requires infrastructure and platform. Similarly infrastructure base services provide out sourced base data centre approach which reduce work load in the cloud, so every virtualized application can be uploaded to an information as a service environment.

Cloud Deployment and service delivery

According to Mervat Adib Bamiah and Sarfraz Nawaz Brohi [9] when we in the last few years back search the word cloud in the any search engines , the results comes up in form of output of atmosphere , nature and water droplets . Similarly if any one now searches the word "cloud" in any search engine the same search query return results related with computation or internet. The reason behind this different output is revolutionary change in the era of information technology.

Cloud computing terminology found as a new paradigm in the world of information technology in which the work of cloud is known as and familiarly used as a metaphor of the internet stream.

The usage of this advance technology helps many organization to rapidly shift their information technology system from traditional hardware, client / server to cloud computing model where all is offered as a service, as a platform and as information structure. Since consumer of the service has heterogeneous demands , so the service providers always offers verity of the services and deploy the public , private and hybrid cloud models for the organization and for the individuals.

According to conducted research study the consideration of cloud computing for the future needs, it needs to have more agile IT services in terms of solution for the organizations. Since this research study describe the existing and future coming cloud computing deployment and service delivery models which may come in cloud infrastructure in the future.

Figure 2.5 Survey on Cloud Service Model.

A an information retrieval survey was conducted in this research study from the various organizations. The aim of this survey was to get information that which organization used which kind of cloud computing services so that in future service providers can estimate the upcoming demand of cloud computing services.

Figure 2.5 Show the survey results are shown in above figure. According to research study one third of the organization already having cloud based solutions Similarly 70% of the companies are in the plan of implementing the cloud services, 34 % of overall user are using software as a service , 25% users are using platform as a service.

This survey represents the utilization of general cloud services, however there is an urgent requirement to implement and deploy new cloud base services and various delivery models to complete emerging needs of cloud users in the near future.

Cloud monitoring

According to Stuart CLAYMAN, Alex GALIS, Clovis CHAPMAN, Giovanni TOFFETTI,

Luis RODERO-MERINO, Luis M. VAQUERO, Kenneth NAGIN, Benny ROCHWERGER [11] the clouds services are the major emerging feature of the future internet and it will provide a great platform to run virtualized services. In order to run cloud service in effective manners the cloud services are needed to be monitor using monitoring system which take data as an input and provide usage output of cloud services. Similarly it should be indicate the high priority services which may be demanded near future from the service provider by the consumers.

According to proposed study the authors represent main aspect of lattice and proposed monitoring framework which is designed by them for monitoring various resources and service in virtualized infrastructure. At the end of this study the authors discuses issues in federated clouds services and propose an effective monitoring approach.

Requirement for cloud monitoring

According to proposed study [11] the current monitoring systems have addressed monitoring of large distributed systems, but they don’t look forward to rapidly changing and dynamic infrastructure seen in service clouds.

So for that the monitoring system should be design and built to best fit for the reason of infrastructure and service monitoring process. It needs to be for the whole of service management, and so it should cover SLAs, elasticity, QoS, etc.

It is important to recognise that it is the monitoring mechanism that closes the loop from the initial deployment, through execution, and back to the Service Manager. The monitoring system is there to gather data from all the components within cloud architecture and so monitoring is a fundamental aspect of a service cloud that is used by the infrastructure and for service management. The monitoring system for a service cloud needs to feed data into the Service Manager so that it can manage the services deployed on the cloud. Over time it is expected that the management capabilities of the Service Manager will expand to include new functions. As a consequence we need the monitoring system to be adaptable, flexible, and extensible in order to support the expanding functionality.

In order to identify the requirements of the monitoring system it needs to determine first at that what main features for monitoring need to be taken account.

scalability

elasticity

migration

adaptability

autonomic

federation

According to study it was concluded by the authors that required monitoring system Pervasive to a service cloud, most common component of the cloud service required this component. It reduce the layers of the service cloud by creating vertical path and move out across in the cloud in a federation in order to make linking with all virtualization engine.

Since cloud pattern is very predictable within service so researchers design and built the required situation. This implementation / use of proposed framework is allowed to built monitoring infrastructure which use to collect , process and disseminates network and system information from/to the entities at real-time, acting as an enabler for service management functionality.

It was observed that proposed monitoring framework is a primary feature for any service cloud management system. It’s also represent that lattice is supporting for the monitoring the virtualized resource which are become the reason of highly volatile. The presentation of the lattice framework has been successfully user in the reservoir project for the purpose of monitoring the service cloud computing components. According to research many mentoring system can be developed where different implementations of probes, data source and consumers are predict.

2.3 Security in current virtualization middleware

With lots of features and services which any virtualization provides, but it has some unique kind of problems as well. One of the biggest problems in virtualization is to provide security. It doesn’t mean by the virtualized servers are not secured enough as other servers are but it is obvious that the server which support many applications is considered as more critical. Below are the few security problems which really matters for various organization.

Over sighting

Over sighting is one of the dark sides of virtualization which occurred in virtual servers who indirectly become responsible for virtual server down

in the air. While physical servers are, as a matter of course, under the direct purview of the data canter, it’s not as straightforward for virtual servers. Whether it’s the business unit that uses the server, the closest IT manager to the actual physical server, or a central system admin, someone needs to have clear authority to act and responsibility to manage the virtual server.

Maintenance

Once over sighting occurs in the service there is always hazard exists to upkeep and patch virtual server. Since virtual servers launched and images are take away so it is difficult to recreate then and to maintain which version is patched or configured more than pervious. To prevent this hazard continuous snapshots are taken to keep the most updated version in document, version control source.

Visibility

 One of the risks involved with having significant virtualization is that those network controls that used to segment specific applications off due to reasons of compliance and security often aren’t virtualized. Indeed, virtual servers develop something of an invisible network between them, quite apart from the normal firewalling and monitoring controls that take place between physical servers. The virtualization can be adjusted to have more secured and simulated physical server environment but there is need to make sure regarding the awareness of unique concerns for those virtualization poses.

With the above common terms following are main security impacts which are measured carefully in virtualization middleware’s.

1 .Software acceptance levels

2. Host Firewall

3. Improved security

4. Improved logging and Auditing

1. Software Acceptance Levels. 

Acceptance level of middleware allows only those request which meets with proper user defined acceptance level and hold trusted digital signature.

2. Host Firewall. 

All interface communication should be protected enough using any service oriented and stateless system firewall which eliminate incompatible consumers message packets and define set of rules for the ports used by consumers. Even it can allow specific IP address to access any specific

3. Improved Security.

While working from remote area the dependencies of shared root account should be disabling. Proper user rights management should be there to manage appropriate user rights so that no local user settings account can edit administrative privileges account automatically.

4. Improved Logging and Auditing. 

Consumer end and hosting end should be monitors problems by using direct console user interface. These security logging mechanism make sure that user activities do not go across from boundaries.

Secure System logging.

All log messages which are captured from difference activates should be monitored. The monitoring process of logs helps to prevent the middleware from major security failure.

Secure virtualized infrastructure with Cloud Computing

According to Fang Hao, T.V. Lakshman, Sarit Mukherjee, Haoyu Song Bell Labs, Alcatel-Lucent [11] in spite of quick develop in the domain of cloud computing modelling the security is still one of the greater hazard for the cloud computing adoption. Many cloud services for example Amazon EC2 provide very low cost with least protection to the end users / consumers where as at the other spectrum , greater secure cloud service like Google government clouds are providing services with higher cost with the feature of isolated hardware with agreement of security clearance.

This proposed study focused and explore to find the central ground from which user / consumer can still handle to share physical hardware resource , since user play ground (networks) still isolated and access feature are controlled / monitored in the traditional way which is similar to the enterprise network. So the researcher proposed a different architecture which takes help of network virtualization and centralized controller. So the proposed study covers the requirement of the most enterprise and the individual users. Similarly this different architecture overcome the limitations of scalability of prior solution base on network and help user to modify the security and cartelized controller on the same way they control their own site network.

This proposed study explore the middle ground on which consumer share their physical hardware resources since user network isolate and access are controlled in similar way to the enterprise network. The proposed solution helps and copes of the need of most of the enterprise and individual users. The proposed new data centre architecture has following list of proprieties.

Isolation

Transparency

Location independent

Ease in police management and control

Greater scalability

Low cost

According to study the infrastructure of the data centre including the provided hardware should be very transparent for the consumers. Only logical view should be represent to the consumers for their own network. This approach reduces and simplifies the administration for the security. It is proposed that all virtual machine and network of any customer should be behave like local independent which means that it should physically allocated anywhere in data centre.

This approach can largely improve the resource in terms of its utilization and really simplify the provisioning. Similarly ease of police control helps customer to have his own policy and security requirements. Similarly architecture also allow to the customers to configure their customized individual policy settings and implement such policies in the network. Another feature of the proposed approach is to restrict user / consumer to utilize only the resources which are provided / available and prompt design artefacts.

The proposed research study focus on the security as major hurdle which cloud computing service needs to be overcome for the smooth operation of any organization and services mass adoption. Few of security solutions depend upon the outside the domain of the technology for example government laws, regulation, management of the human resource and so on. The proposed SEC2 approach is very scalable network architecture which comes up to support very secure cloud computing environment for enterprise and individual users. It tender the storing and effective isolation from one consumer to another consumer when physical resources are shared. The consumer can state and manage their own individual security policies settings exactly same way as they are managing and controlling conventional on site network. The proposed architecture also helps to user in order to merge cloud base resource similar with their current network infrastructure using virtual private network. Unlike some other solution the proposed architecture reduces and eliminates the scalability limitation which caused due to virtual local area networks. This architecture gets advantage of the network virtualization and centralized control

2.4 Cloud computing concept in virtualization

The concept of virtualization in cloud computation are sink together, it’s simply the delivery of service by the provider to the consumer. The virtualization used very broadly for about everything which we imagine including memory, only three things make it ideal for the cloud computation environment. In virtualization we can even make portioning to provide support for running different operating system in single server. We can use isolation, since each virtual machine is isolated so it will be protected from crashed, viruses from other servers.

Once virtualization comes under the umbrella of cloud then it simply decouples the entities e.g software from the hardware, similarly its encapsulation can be used to prevent every application so that it can’t communication with some other file/ interface. The merger of virtualization and cloud computing provide delivery of IT service which are further drive business invocation and agility and reduce the cost.

According to Farzad Sabahi’s research [8] the cloud computing is one of the most exciting technology nowadays in the domain of information technology it is because of its flavour of reducing the cost and complexity of applications. It’s so flexible and scalable to enhance. These all benefits change this growing technology from a dream to word’s fastest growing technology. According to research opinion virtualization technology has still limited security capabilities to secure virtualized cloud environment.

So the robust security system is big need to change the traditional security architecture of the virtualized environment. According to this study the author actually propose virtualized architecture to secure the cloud. This architecture reduces the workload and makes decentralized security related jobs for hyper servicer and virtual machine. Similarly it also converts the security system from centralized system from centralized system. This is very fine approach to modularize distrubte security system because it really reduce the workload from hypervisor base virtualization, though it has several versatilities which my induced in cloud. Since cloud holds so many clients and their corresponding applications which are running and security is important for all of them. It should run properly and create an immune environment for against every kind attack, either by any type of application is running in the cloud environment. In the world of computer science anything which is developed secure can be broken so continues audits and security log view should be monitored. Similarly moving towards cloud computing requirement the consideration of some basic security features which are highlighted in this study are the very important for the security concern.

2.5 Access restrictions of current virtualized middleware tools

Middleware in virtualization is software which provides services beyond those provided by operating system to active different components of any distributed system for having feature of communication and data management. These applications provide supports and simplify the complex distributed software. They are including application server, messaging and other similar tools which provide support application development and its deployment.

Middleware’s are composed and integrated with updated information technology base services like XML, soap, web service and service oriented architecture. They are very interpretable to run on different operating systems by providing services so that application can change a data in standard based way.

It has same layer of three tiers single architecture excluding it is stretch from multiple systems or application e.g EAI software, telecommunication software, transaction monitors or stock messaging and queuing applications. A middleware has arbitrary distinction between operating system functionality and middleware functionality , where as core kernel functionality is only provide by operating system and some functionalities provided by separately sold middleware’s.

Secure access restriction in virtualization

According to Gartner [7] secure access is keen requirement to provide access restriction in virtualization. It prevents data centre information security, authenticity. To implement this objective control and policies are enforce to execute like execution of firewall , encryption , digital signatures etc. according to this research the significant changes are required to deliver the security in public , private cloud environment.

Many organization use virtualization security controls which provide foundation to structure the cloud infrastructure but stand alone them are not sufficient to secure complete cloud environment. According to research security must be an integral but it should separately configurable as a part of cloud environment. It should be elastic and designed as per the set of demands and configured logically. Since security models are using to provide support in various private clouds and it would enable multidimensional hybrid environment. This research study outlines various necessary attributes for the virtualization security and access restriction to maintain security in virtualization.

In this research, we outline six necessary attributes of private cloud security infrastructure and describe how security must change to support the construction of secure private clouds.

On demand elastic services should exist.

Updated programmable infrastructure.

Policies should be based on logical not physical attributes.

Real-time security decision

Implement trusted zones

Separate configurable security policies should be implemented.

Federated security policies should be implemented

2.6 Secure virtual middle wares

Virtualization is playing an ever more important role in corporate networking environments. While it creates opportunities for hardware platform consolidation and cost savings, it also presents multiple implementation and security challenges. There are several virtual platforms exist nowadays and each of them are not similar to each other. The security implications also depending upon the middleware used, since firms are starting to move towards virtualized middleware’s, so it needs to be take care regarding which middleware should be taken to complete desired security needs. If we study VMware, it has most robust and secure virtualization e.g hosted and bare metal virtualization. A virtualization has these two approaches. The middleware which runs as an application on the roof of the general purpose operating system is known as hosted virtualization Whereas bare metal virtualization communicate directly with computer hardware without having help of host operating system.

Cost based decision-making in middleware virtualization

According to Kaushik Dutta and Debra Vander Meer the middleware in virtualization actually represent the running application on a set of resources. These resources can be database application, servers and different other transactional service resource). These resources can be changed base of application resource requirement. In this proposed study the authors explore the solution of problem regarding what existing schemes cannot be applied directly in cost base decision making middleware’s and then they proposed a formula on the base of mathematical model which describe the business cost of virtualization.

This research develop run time mathematical models of virtualization which helps decision making paradigms which define cost implication on various runtime and provide support in decision making to improve business factor. On change of budge and demand helps for the virtualization managers to make decisions The model helps to minimize the cost of application which run by middleware virtualization framework. The statistical analysis find the result is about 20 and 30 % higher costs than the near optimal results.

2.7 Federated access control for cloud resource sharing.

Federated access control in cloud computing update organization or consumer to have set of common security policies , access profiles , communication protocols to manage the identify and trust of end point access. it helps user to reuse electronic verification of identities to access service across distributed enterprise architecture , it save administrators from redundant work to maintain user accounts.

Major objective of federated access control in cloud computing is to help user to access one resource from one domain securely and domain of another user can also access same resource if he has similar access protocols without completely redundant user administration.

Adoption of cloud in business process of any organization helps to improve the trust boundary and it make dynamic authentication. So there is always loss of control risk exist there in order handle this challenge establish trusted governance and control model. At this point it needs to have federated access control in cloud computing environment which can keep every users / consumer directories secure and provide secured exchange of information.

So at this stage federated access control win concern of security and manage identities. It provides provision for the organizations to share all employees’ identities information with the available cloud service provider. This information sharing procedures helps organization to increase their control regarding who has accessed what exactly in terms of information and resource. As shown in following figure 2.6

Fig 2.6 Federated access of hosted machine

It manages updated security by handling access restrictions on user activites and provide details audit trails. It enable following list of activities at consumer end.

Help to have ease of access to consume cloud resources

Help end user from SSO and provide just in time account provisioning.

Reduced cost and time to incorporate authentication and authorization

Elimination of non-scalable proprietary SSO applications

So it enables communication of systems and application in different way and separated organization trusted area. Application or the companies maintain their own repositories to respond the queries from local and remote application request with security assertions’.

Federated access control working

In order to elaborate federated access control , private cloud scenario is considered in which user make attempts to access claims-aware application which is deployed in the private cloud. All the procedures of access parameters with their corresponding request detail are represented in the following figure 2.7

http://cleanclouds.files.wordpress.com/2012/04/fim3.png?w=730

Figure 2.7 Identities in Private Cloud

Federated cloud with resource provision policies.

According to Adel Nadjaran Toosi, Rodrigo N. Calheiros, Ruppa K. Thulasiramy, and ajkumar Buyya [4] the federated security in cloud computing paradigm support infrastructure as a service providers to reduce the resource limitation when demand is high for virtual machines. Information as service suppliers having option to cancel spot virtual machine which are cheaper virtual machine to free resources to get more profitable virtual machine request. According to this study researchers are actually proposing new policies which provide help for decision making process to increase the resource utilization and profit in federated clouding computing environment. According to following figure, they introduce cloud exchange service which takes feedback of cloud inquiry for accruing particular resource. As shown in figure 2.8

Figure 2.8 Cloud exchange service

The principle of this mechanism helps cloud environment for the load balancing between federated providers. Though this mechanism is very cheaper in price for service providers even if larger amount of resource are required to access Only one relevant issue in this mechanism is arriving of reveals the critical information about the provider. The study proposed policies to increase IAAS suppliers profit when the any provider is member of cloud federation. As every supplier (service provider) hold on restricted amount capacity, if they increase load it may overload their data centres and my find the result t of QoS violation.

With this all the service providers can also get benefit from federation by outsourcing their request to any other members of same federation on lower load. According to author they perform several experiments and perform comparative analysis for these proposed polices and they found great impact on various parameters of Spot VMs to the total load. The experimental findings help to design some guidelines for the service suppliers. According to it the locally running on demand request are more profitable if the service provider has high ratio of spots .it also helps others service providers to make more profitable resource by selling service to the other members.

Dynamic Provisioning System in Federated Cloud and Bare-metal Environment

According to Authors [5] they present the new design for having a dynamic provisioning System for federated cloud and bare metal environment which enable to manage resource of federated cloud by taking care and focusing their utilization needs.

In this study researchers actually proposing new framework which allocate resource at particular time to any infrastructure as a service framework. It is also controlled and maintained as a part of typical HPC environment controlled by batch querying systems. This provision communicates between virtualized and non virtualized resources. The researcher provides flexible resource management framework. Consumer can adapted it based on in service user’s demands. The requirement of such kind of framework really provides great motivation for the real user who needs to gather information using operation of future Grid.

According to authors observations the usages of the various infrastructures differ over time and it is has behaviour of over and underutilized vice versa. So this proposed study provides benefits to adjust those up and downs using proposed framework. The framework helps to reduce th code significantly and make it modulated form so that it become easier to maintain and enhance within least time , the cloud analysis show in following figure 2.9

Fig 2.9 cloud analysis - applied framework

So these research findings represent a standalone design from the federated cloud environment which his not only focused on just providing support for a single LAAS but it provides integrated traditional HPC service. This proposed work is depending upon the services which previously developed and significantly enhance to face addressing challenges in the cloud shifting and cloud busting. Metric framework is the unique contribution of this research which is used to manage and trance the different instances of virtual machine and help to manage them.