A recent direction in cloud computing is toward massive consolidation of resources by using lightweight virtual machines (VMs) called unikernels. Unikernels are specialized VMs that eliminate the operating system layer and provide a small footprint, minimal attack surface, and near-instant boot times. However, managing the privileges of thousands of unikernels hosted on the Xen hypervisor and authoring complex Mandatory Access Control (MAC) policies using Xen Security Module (XSM)-Flask or sHype is often difficult and error-prone for cloud administrators. The XSM-Flask and sHype access control mechanisms have not reached wide adoption because their configuration and policies are complex and contain hundreds of subjects and objects for a single VM. Thus, we require an access control mechanism that is flexible, simple, efficient, and integrated with unikernels in order to regulate access to a large number of unikernels. In this paper, we present VirtusCap: a novel multi-layer access control architecture and mechanism that integrates capabilities with unikernels. Our approach employs capabilities to limit the privileges of unikernels. Hence, our approach embodies the Principle of Least Privilege (POLP) to create unikernels that have only the privileges they need to accomplish their task. Performance evaluations show that, up to a request rate of 7000 req/sec, our prototype's response time is identical to that of XSM-Flask.
|Title of host publication||Proceedings 2017 IEEE International Conference on Cloud Engineering (IC2E)|
|Publication status||Published - 11 May 2017|
|Event||2017 IEEE International Conference on Cloud Engineering - Vancouver, Canada (Duration: 4 Apr 2017 → 7 Apr 2017)|
|Conference||2017 IEEE International Conference on Cloud Engineering|
|Period||4/04/17 → 7/04/17|