Virtualization Security

The virtualization technology is gaining significant attention by the scientific community in the last years, and many sources identify virtualization as one of the most significant technological advancement of the last sixty years. Virtualization applications and scenarios extend very far beyond Virtual Machines, container technology, and single-kernel systems, which represent solely the tip of the iceberg. The virtualization technology is very closely related with the use of abstraction techniques. Software resources act as hardware resources, with significant advantages in terms of scalability, flexibility, cost, performance, to name a few. Application fields are countless: Data virtualization, Server virtualization, Operating System virtualization, Storage virtualization, Network functions virtualization, Desktop virtualization and Cloud Systems virtualization, to cite only few examples.

Figure 1: Virtualization Application Fields.

On the other side, virtualization technologies introduce strong security concerns. Improper authentication, injection, permissions and privileged management, credential management, sensitive data handling, input validation, data authenticity verification, resource management, race conditions, are just some of the important security aspects to consider. Moreover, facing these challenges become even more difficult when they are translated over a distributed system, requiring coordination between physically separated entities.
At the Cybersecurity lab we seriously tackle these challenges, and we are focusing in the development of efficient countermeasures against these threats. We developed new security methodologies for carrying out security checks, innovative methodologies for vulnerabilities detection, and innovative countermeasures. Significant efforts are also directed to the study and refine of Docker, one of the most diffused containerization technologies throughout the market.