Since the invention of computers, more developments have been made towards improving its functionality. It is worth to note that computer technology has had a great impact on humans as it affects almost every area of their lives. Development in computer technology aims at making the process of solving of problems easier, faster, cheaper and efficient. As such, computer technology has been employed by man in all fields some of which are very crucial.
The kind of information stored in computers is so important that any developments in the technology have to consider the effect of the development on security of the data stored in the machine and on the individuals using it. One of the most recent developments in computer technology is the invention is the invention of the virtual machine. This is an operating environment that is self contained in that it behaves like a separate physical computer (Armstrong, 2005). A virtual machine is designed such that several resources work together in a way that emulates an actual computer’s behaviour.
In this environment, all the resources of the system can be shared amongst the processes as no individual process can have the sole use of a particular resource. Virtual machines also provide isolation amongst multiple users of a many users of one computer system such that each one of them can have their own separate part of the system or database. The isolation aspect of virtual machines is what is considered to enhance security in computer machines. The many operating systems that exist in the market such as IBM’s VM/CMS are founded on the virtual machine approach (Armstrong, 2005).
As mentioned before, most organizations have employ computer technology in their operations. Such organizations in an attempt to evaluate and enhance the security of their systems, devices and networks have turned to the use of virtual machines which they consider to enhance security. Concerns have however been raised on how secure these machines are especially since they operate separately from the operating system implying that it is not possible for them to of the special features of operating system such as the ones that usually ensure security of stored data.
This paper seeks to address the security issues associated with virtual machines and the strengths and weaknesses of the virtual machines in relation to the standard security services put forward in ITU-T Recommendation X. 800. 2. Description of the Security Issue Virtual machines can be described as a hit in the cooperate world. Virtualization is considered by many as a breakthrough especially where hardware cost is concerned. Virtual machines are considered to have so many advantages that are desirable to enterprises causing many organizations to adopt their application in their business operations.
Versions of virtualization products keep changing and most organizations that keep at par with the changes in technology implement each new version in the market that is perceived to be superior to the one they currently use. Research has however shown that the implementation of virtual machines and virtualization of the system has security risks that are not easy to dictate as they do not show immediately the virtual machines are installed to the operating system (Bidgoli, 2006).
It also is argued that virtual machines should not be trusted as the producers argue them to be. They argue that virtual machines when well applied should not interfere with other virtual machines or the organization’s management operating system (Bidgoli, 2006). But then how can an organization completely ensure that the individuals installing do not make mistakes or are not malicious? Because of this uncertainty, virtual machines pose great danger to the security of information specifically the confidential data.
It is argued that the fact that the virtual machines make it possible for the shared memory in the virtualized environment to be viewed and even modified poses threat to security of the data stored in the other computers on the network. The only restriction is the guidelines which do not allow one to view data that is in other virtual machines. However, in the event of maliciousness or worse criminal intentions then the security of information that is associated with other virtual machines in the same environment is vulnerable as such individuals can easily access information without being authorized.
Security to information is not only limited to access by unauthorized individuals; virtual machines also have the potential of causing information that is stored in the database to be lost, or be corrupted in several ways (Bidgoli, 2006). It is argued that putting virtual machines to reside atop a single hypervisor is like putting every egg that is crucial in a single basket. The problem is that in the event there are virtual machines whose periods of outage extend, they might not receive the update configurations that are required to keep them safe.
This problem is attributed to the fact that virtual machines function as independently and separately from the operating system as if they were different computers making it hard for them to access any features of the operating system. Lack of update configurations to any system poses a great threat to the data that has been stored in its database (Oaks, 2001). This is because in the event the system is infected by a virus. The virus can not be detected or terminated. This is dangerous as the stored data is left exposed to the virus.
This could result to permanent lose or corruption of important data. As explained earlier, virtual machines enable isolation such that multiple users can create separate individual databases within a single a single computer system which can not be accessed by the other users. This is risky to the security as it implies that the virtualization hypervisor is a single point that is common to all the computers in the environment that have been hosted atop the hypervisor of the virtualization’s solution (Oaks, 2001).
This implies that in the event this point is not well managed, its failure affects all the computers that are in that environment which could cause loss or a lot of damage to any data or information that is stored in these computers. Any form of infection or compromise to a hypervisor specifically one that is singular causes massive failure of the entire system causing effects that can only be left to our imagination as it implies that the organization can not run anything as the entire system that supports its operations fails.
Virtual machines are also risky when not in use. Virtual machines that are not in operation hence are powered off usually reside on the disk as files. But then unlike files, they have the potential of being risky to the network in the event they are powered on without use of the appropriate security configuration. They have the potential of causing the entire system to crush hence destroying data and information in addition to disrupting the organization’s operations (Oaks, 2001).
The virtual networks that are created using the virtualization products are not real but just representations of the actual and real physical computer systems and networks. This is risky because virtual switches are limited in their capabilities and can not function as well as the actual physical ones. These limitations can greatly hamper the functioning of the network resulting threatening the security of any stored data in the computers on the network (Oaks, 2001).