Amazon Web Services, IBM Softlayer and Rackspace were forced to reboot some of their public cloud instances following a Xen hypervisor security update last fall; another Xen security update was issued this year, forcing more reboots (though AWS was able to avoid reboots this time). What is the Xen hypervisor, and why is it causing these reboots? Should enterprises be concerned about its security issues and how it can affect the public cloud?
A hypervisor is the software that creates and manages virtual machines running on a physical server. Hypervisors run on server hardware and host operating systems such as Linux and Windows as guests, but they execute in a more privileged mode than those guest operating systems. A hypervisor is responsible for isolating the compute, storage and network resources of each virtual machine. Xen is an open source hypervisor available under GNU General Public License version 2.
Amazon Web Services, Rackspace and IBM use the Xen hypervisor in their clouds. Security vulnerabilities in the hypervisor that were discovered last year triggered AWS' planned patch. In the case of AWS, about 10% of its servers required a reboot. Older hardware that did not allow for automatic updates was involved in the reboot process. More recently, AWS servers were patched without a reboot following this year's Xen security update.
Vulnerabilities in a hypervisor are a cause for concern. Since the beginning of 2015, a number of Xen vulnerabilities have been disclosed, including problems with rate limiting of logging, errors in masking interrupts, and information leaks.
Hypervisors are one part of the software stack that enables cloud computing and, like other parts, are subject to vulnerabilities. Within the shared security model of cloud computing, cloud providers are responsible for the security of hypervisors. They are also responsible for the physical security of data centers, the implementation of access controls, and other security controls that provide the foundation for cloud users to implement their own security policies and measures.
It should not be a surprise to hear that vulnerabilities exist in hypervisors. They are complex pieces of software and subject to errors just like any other complex system. An important question for cloud users is: How well do cloud providers detect and correct vulnerabilities in hypervisors and other components under their control? It is also worth considering how well providers can implement remediation without disrupting services, as well as how transparent providers are about vulnerabilities in their infrastructure.
AWS and other cloud vendors informed customers about the existence of vulnerabilities and the steps that would be taken to correct them. Until we are able to write vulnerability-free system software, this will probably be the baseline by which we will assess how well cloud providers handle such vulnerabilities.
Ask the Expert!
SearchCloudSecurity expert Dan Sullivan is ready to answer your application security questions -- submit them now! (All questions are anonymous.)