A Security Assessment of Virtualized Residential Gateways:: Securely Deploying Third Party Services
Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Scalable, portable and flexible way of providing services can be realized by the means of virtualization technology, where parallel VMs are built on top of a shared hardware implementation. At the same time, securely deploying services has been receiving more attentions. Therefore, it is useful and challenging to secure virtualization infrastructures as a number of security threats are attached to virtualization technology.In this thesis, as LXC is investigated for virtualizing RG, a design on CRG virtualized with LXC is proposed for delivering third-party services and a security assessment of its security threats and vulnerabilities is conducted. Afterwards, a framework of security assessment on virtualization technology is proposed. Three possible defense solutions are proposed and further evaluated in context with CareNet project. The results show that SELinux brings 7% system performance loss but provides CRG with customized strategies and is a practical and feasible solution where as the simplicity of SMACK restricts its flexibility and OpenQRM is a light weight container management tool but not a secure one, both of which should be given more consideration.
Place, publisher, year, edition, pages
2012. , 84 p.
Engineering and Technology
IdentifiersURN: urn:nbn:se:kth:diva-102093OAI: oai:DiVA.org:kth-102093DiVA: diva2:550740
Master of Science -Communication Systems
Knutsson, Björn, Universitetslektor