A Model for Availability and Security Risk Evaluation for Systems With VMM Rejuvenation Enabled by VM Migration Scheduling

Most companies and organizations rely nowadays on virtualized environments to host and run their applications. Some of these applications have stringent availability and security requirements. An important challenge for high availability in virtualized systems is software aging, which can lead the system to hangs or other types of failures. Software rejuvenation is applied to cope with software aging problems, whereas previous research suggests the use of Virtual Machine (VM) migration to reduce the downtime related to Virtual Machine Monitor (VMM) software rejuvenation. However, there is still a gap regarding the security implications of applying VM migration scheduling as support for VMM software rejuvenation. In this paper, we propose a security evaluation approach based on an availability model for virtualized systems with VM migration for VMM rejuvenation. The goal is to find the proper rejuvenation scheduling to reach the desired levels (or at least to avoid the undesired levels) of security risk and availability. We present three case studies comprising major security threats, namely Man-in-the-middle and Denial of Service attacks. Results provide insightful information regarding the tradeoff between availability and security risk when applying VM migration scheduling for rejuvenation purposes.