Virtualization and Storage Management for Cloud Computing

Sahan Lakjaya Maldeniya. Supervised by Dr. D.A.S. Atukorale. June 16, 2011


Acknowledgements

My deepest gratitude and thanks to Dr. D.A.S. Atukorale, who guided me on this literature survey by giving advice and guidelines to complete this report in such a short time period.

Abstract

Cloud computing has earned an unavoidable position in the present emerging information technology era. Most proprietary as well as open source software companies are already concerned with this field, which will be the next big thing in information technology.

This literature survey covers the aspects utilized by cloud computing. The report includes the main aspects of clouds: virtualization, storage management, data management for the cloud, and privacy issues in cloud computing.

Each section describes ongoing research in that area and the technologies currently in use. The final chapter states the author's conclusion about the present status of this area.

Contents

1 Introduction
  1.1 Infrastructure as a service
  1.2 Platform as a service
  1.3 Software as a service
2 Virtualization for cloud computing
  2.1 Hardware Virtualization
  2.2 Para virtualization
    2.2.1 XEN Hypervisor
    2.2.2 vBlades Hypervisor
  2.3 VMWare Hypervisor
  2.4 KVM for linux
    2.4.1 Architecture of KVM
3 Storage Virtualization
  3.1 CDMI - Cloud Data Management Interface
4 Privacy issues when it comes to data on cloud
  4.1 cryptoDSP
    4.1.1 Virtualized CryptoDSP core
    4.1.2 Client plugin
    4.1.3 Virtualized Coded Storage Module
  4.2 Privacy Manager
5 Conclusion

List of Figures

2.1 Architecture of a hypervisor
2.2 Architecture of XEN hypervisor
2.3 KVM Architecture

Chapter 1

Introduction

The concept of “cloud computing” dates back to the 1960s, the very first decade of present-day computing, when John McCarthy opined that [1]

computation may someday be organized as a public utility

which means that computation power and storage will one day be a public service. Five decades later, some scientists refer to “cloud computing” as the next biggest thing in computing.

Any discussion of cloud computing should specially mention Amazon, which played a key role by researching clouds and by developing and modernizing its datacenters.

At present a number of companies and IT organizations are focusing their attention on clouds, and among them well-known vendors such as Amazon, Microsoft, Google, Red Hat and Salesforce have implemented their own products using this concept.

There are five main layers in the cloud architecture: the hardware layer, the virtualization layer, the Infrastructure as a Service layer, the Platform as a Service layer and the Software as a Service layer. The last three layers are the ones actually exposed to external parties as services. In addition to these three exposed layers, another emerging area is the Data as a Service layer. Below is a brief discussion of these services.

1.1 Infrastructure as a service.

This layer extends the virtualization layer and is the most generalized service layer of the cloud architecture exposed to external parties. Since this layer is generalized, clients can customize it as they want.

In this provisioning model, an organization outsources things like computing power and storage to external parties. The client decides which operations run on the service and on which platform, which is why this structure is more generalized.

Being generalized, the IaaS layer introduces its own set of security issues, since the client takes control of customizing the service.

1.2 Platform as a service

In this layer a platform or operating system is supplied to the client as a service, on top of which clients host their own set of software. Since this layer runs on IaaS and only a client's own virtual machine and memory space are accessible to that client, it is less vulnerable to threats than the IaaS layer.

1.3 Software as a service

This is also referred to as on-demand software. It is a software delivery model in which the software and associated data are hosted on a cloud and the client accesses them through a thin client. This is the most specialized layer in the cloud architecture. Since the service provider has control over the infrastructure, the platform and the software exposed to external parties, this layer faces the least threat of the three architectures.

Data as a Service is a layer associated with the SaaS layer, and it has its own critical problems such as concurrency, duplication of data and distributed data handling. All the main database system manufacturers, such as Oracle, Microsoft and IBM, have focused their attention on this emerging field. They are currently funding and carrying out more research in it.

The rest of the report is organized as follows.

Chapter 1 introduces the basic concept of cloud computing and the services offered using clouds. Chapter 2 discusses virtualization, the current trends and technologies derived from full virtualization, and finally gives a brief explanation of selected vendors and popular hypervisors currently used to provide virtualization in clouds. Chapter 3 is dedicated to storage virtualization, an important topic that should be discussed when it comes to cloud computing.

Chapter 4 gives a brief introduction to the privacy issues that arise when using cloud services. Attention to this area is a must, because the geographical location of the service provider can cause many issues when it comes to privacy and data on the cloud. Finally, the author's view and conclusion about the cloud computing paradigm are explained.

Chapter 2

Virtualization for cloud computing.

This is the basic concept behind cloud computing. A cloud is a pool of virtualized resources. Virtualization can be done in several areas such as hardware, software, data and storage. This document focuses mainly on hardware virtualization and storage virtualization, which are the main bottlenecks when it comes to cloud computing.

2.1 Hardware Virtualization

Hardware virtualization is the creation of a virtual machine that acts like a real computer with an operating system. This virtual machine is also known as the guest machine. The machine that actually hosts the guest machine is known as the host machine. To create the guest machine on top of the host machine we use special software called a hypervisor.

There are three main types of hardware virtualization technique: full virtualization, partial virtualization and para virtualization.

In full virtualization the virtual machine consists of enough hardware simulators to allow an unmodified guest operating system to run on top of the host operating system. KVM for linux is a current application of this approach and is explained further in a separate section of this chapter.

Partial virtualization simulates the address space but cannot run a full operating system, only a selected number of applications.

Para virtualization is the most widely adopted virtualization technique, so it is explained below in a separate section.

2.2 Para virtualization

Para virtualization is a technique in which a software interface that is similar but not identical to the actual hardware is presented to the modified operating system. The interface makes it easy for the host operating system and the guest operating system to communicate, and it reduces the execution time of the guest operating system by specifically sending the acknowledgements of critical tasks to the host operating system on which the hypervisor resides.

Figure 2.1: Architecture of a hypervisor

To utilize para virtualization the guest operating system has to be explicitly ported to the hypervisor API, and the hypervisor maps the API to the actual hardware. Currently the two main popular hypervisors available for this purpose are Xen and VMware.

Besides these two hypervisors, research has been carried out on optimizing performance in hypervisors specific to an instruction set architecture.

HP vBlades is such a hypervisor, designed to enable and optimize virtualization on Itanium processors. According to the paper published by HP, before vBlades there was a significant number of blocking situations when running a guest operating system on top of the Itanium instruction set architecture, such as ring compression, exceptions and interrupts, and emulation of privileged operations and privilege-sensitive instructions. All these problems are addressed by the vBlades hypervisor, whose approach is also called optimized para virtualization.

2.2.1 XEN Hypervisor.

Figure 2.2: Architecture of XEN hypervisor

XEN [9], [8] is an open source hypervisor that uses para virtualization as its core virtualization technology. XEN abstracts the underlying physical hardware components and exposes a common virtualized hardware interface to the guest operating systems. To achieve full performance, the guest OS should be modified so that it recognizes the XEN virtual hardware interface. XEN also supports unmodified guest operating systems via the virtual BIOS and virtual drivers integrated into the hypervisor.

The XEN hypervisor has a special administration option called domain 0, which administrators use to create other virtual machines and to define the rules by which each virtual machine accesses the hardware layer.

XEN uses the 4 privilege levels of the Intel x86 architecture to isolate the guest OS from its applications and the hypervisor from the guest OS, which increases the performance and efficiency of the guest OS. The highest privilege level, known as ring 0, is given to the hypervisor, which can manipulate the virtual machines in which guest operating systems are installed. The next privilege level, ring 1, is given to the guest OS to isolate it from the running applications, and the lowest privilege levels, rings 2 and 3, are given to other applications.

XEN has its own data structure to implement the registers, and the exception handlers of the guest OS are modified to read the faulting address from their own stacks rather than from privileged processor registers. A borrowed virtual time (BVT) scheduler allocates a CPU time share to each operating domain; BVT has performance comparable to the real-time scheduler, so only small overheads exist between the two schedulers. XEN also supports other schedulers, which can be added to the hypervisor.

XEN virtualizes the entire physical memory by dividing the physical address space into several compartments to be used by the various domains. Initially a fixed amount of physical memory is allocated to each domain; when additional memory is needed XEN can extend the physical memory on demand, and release it when it is no longer needed.

Contrary to a fully virtualized environment, the XEN hypervisor does not fully emulate the underlying hardware devices. XEN uses simple interfaces to abstract the devices for the guest OS. Since data transfer happens through shared memory, this ensures high efficiency in terms of performance and a fair amount of security.

XEN introduced the concept of a Virtual Firewall Router, in which each domain can expose more than one virtual network interface; each interface abstracts the network hardware card with two asynchronous buffers for bidirectional I/O.

2.2.2 vBlades Hypervisor.

HP vBlades [4] is a hypervisor designed to enable and optimize virtualization on Itanium processors. According to the paper published by HP, before vBlades there was a significant number of blocking situations when running a guest operating system on top of the Itanium instruction set architecture, such as ring compression, exceptions and interrupts, and emulation of privileged operations and privilege-sensitive instructions. All these problems are addressed by the vBlades hypervisor, whose approach is also called optimized para virtualization.

The privilege state communication block has been identified as a main cause of low efficiency when running a guest operating system on an Itanium processor, and through the vBlades hypervisor the researchers suggest a shared memory area to reflect the privileged registers.

Using a single virtual abstraction layer (VAL) service call for each emulation of a privileged operation is expensive. So instead of one VAL service call per emulated privileged operation, the vBlades hypervisor groups privileged operation calls and maps each group to a single VAL service call, which increases the efficiency of the guest operating system.

Another aspect introduced by the research team is transparent para virtualization, in which the operating system determines whether or not it is running virtualized and, according to that decision, makes the optimal choice at run time, using the same binary instead of separate binaries. vBlades sets one of the privileged registers to 1, which is normally 0 when not in use, and at run time the processor can identify whether the OS is virtualized by checking this register. Though this introduces a new overhead of checking the register each time a privileged instruction executes, it is lower than the virtualization overhead, so this is an ideal solution for optimization.

After applying all these changes to a linux kernel and running it on the vBlades hypervisor, the researchers state in the paper that they observed significant efficiency, with performance maximized and changes to the OS minimized.

2.3 VMWare Hypervisor.

Being the first of its kind, VMware [1] came out in 1998, enabling virtualization on the x86 architecture. VMware can run as a hosted application on top of a host OS, and it can also run as a hypervisor, where no host OS is needed and the guest OS resides inside virtual machines that run on the VMware hypervisor. VMware Player, ACE, Workstation and Server use the hosted architecture for more flexibility, while ESX Server employs the hypervisor architecture, which can be used for cloud computing virtualization purposes. VMware uses full virtualization as its core technology but has adopted some aspects of para virtualization too.

Obtaining the most privileged state to execute hypervisor code on the x86 architecture was a challenge in those days, so VMware developed binary translation techniques combined with direct execution. In binary translation the hypervisor scans the virtual machine's memory, intercepts privileged calls before they are executed, and dynamically rewrites the code in memory. The operating system kernel is unaware of the change and operates normally.

Memory virtualization in VMware is similar to the way it is implemented in modern operating systems, where page tables map virtual memory to physical memory. The difference from an actual OS is that the hypervisor has to implement a virtual memory management unit (MMU) to virtualize the MMU inside the processor. This virtual MMU is responsible for mapping guest physical memory to the actual machine memory, and it uses shadow page tables to accelerate the mappings.

For I/O virtualization, VMware abstracts all the I/O devices and presents an interface to its virtual machines. These interfaces are accessed through virtual device drivers in each virtual machine. These virtual device drivers play a key role in portability: regardless of the actual physical devices, the standard virtual drivers can be accessed from any platform.

2.4 KVM for linux

Kernel-based Virtual Machine (KVM) [6], [3] is the latest addition to open source virtualization technologies. The main goal of the KVM project is to combine previous-generation technologies with the modern hardware available today.

KVM is a loadable kernel module that converts a bare linux kernel into a hypervisor. It uses the newly developed hardware support for virtualization, such as Intel VT-x or AMD-V enabled processors. This relieves the KVM designers of a huge workload, as they can focus on implementing virtualization on top of the support supplied by the hardware vendors rather than doing it from scratch. Since KVM is a module integrated into the linux kernel, it does not implement its own set of required components such as a memory manager, a process scheduler, an I/O stack, device drivers, a security manager or a network stack. Instead it uses the built-in linux components, which are more stable and can be relied on.

From January 2007 KVM became a core part of the linux kernel, when it was integrated into linux kernel 2.6.20. This enables KVM to inherit key features from the linux kernel. In addition to the broad Linux community, KVM is supported by some of the leading vendors in the software industry, including Red Hat, AMD, HP, IBM, Intel, Novell, Siemens and SGI.

2.4.1 Architecture of KVM

Figure 2.3: KVM Architecture

In KVM every virtual machine is implemented as a regular linux process. Not only that, each virtual CPU appears as a regular process too. This allows KVM to benefit from all the built-in features of the linux kernel. All device emulation is handled by a modified version of QEMU, which includes an emulated BIOS, PCI bus, USB bus and a standard set of device drivers.

Since a virtual machine is implemented as a linux process, the standard linux security module, SELinux, can take control over the virtual machine. sVirt, a tool for defining policies to manage virtual machines based on the SELinux module, can make sure each virtual machine is isolated from the others.
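A check for the isolation property described above, as an added example that is not part of the original report: under sVirt each QEMU process runs in the `svirt_t` type with its own pair of MCS categories, so a QEMU process outside that type, or two guests with the same category pair, means the guests are not separated by policy. The `ps -eZ` lines are constructed sample data, and the emulator binary names are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample of `ps -eZ` output on a KVM host (not real data).
SAMPLE_PS = """\
LABEL                                      PID TTY      TIME     CMD
system_u:system_r:svirt_t:s0:c87,c520     2101 ?        00:12:44 qemu-kvm
system_u:system_r:svirt_t:s0:c301,c755    2188 ?        00:03:10 qemu-kvm
system_u:system_r:svirt_t:s0:c87,c520     2240 ?        00:00:51 qemu-kvm
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 2307 pts/0 00:00:07 qemu-kvm
system_u:system_r:sshd_t:s0-s0:c0.c1023    911 ?        00:00:00 sshd
"""

QEMU_NAMES = ("qemu-kvm", "qemu-system-x86_64")  # assumed emulator binary names
CONFINED_TYPES = ("svirt_t",)                    # SELinux type sVirt gives a guest
MCS_PAIR = re.compile(r"c\d+,c\d+")              # one guest = one category pair


def parse_ps_z(text):
    """Yield (pid, command, selinux_type, categories) for each process line."""
    for line in text.splitlines():
        fields = line.split(None, 4)
        if len(fields) < 5 or not fields[1].isdigit():
            continue  # header or malformed line
        label, pid, _tty, _time, cmd = fields
        parts = label.split(":", 4)  # user:role:type:sensitivity[:categories]
        if len(parts) < 4:
            continue
        cats = parts[4] if len(parts) == 5 else ""
        yield int(pid), cmd.split()[0], parts[2], cats


def audit_guest_isolation(ps_text, qemu_names=QEMU_NAMES):
    """Return {pid: reason} for QEMU processes that sVirt does not isolate."""
    findings = {}
    by_categories = defaultdict(list)
    for pid, cmd, se_type, cats in parse_ps_z(ps_text):
        if cmd not in qemu_names:
            continue
        if se_type not in CONFINED_TYPES:
            findings[pid] = f"runs as {se_type}, not confined by sVirt"
        elif not MCS_PAIR.fullmatch(cats):
            findings[pid] = f"no per-guest MCS category pair ({cats or 'none'})"
        else:
            by_categories[frozenset(cats.split(","))].append(pid)
    # Two guests with the same category set can reach each other's resources.
    for cats, pids in by_categories.items():
        if len(pids) > 1:
            for pid in pids:
                others = [p for p in pids if p != pid]
                findings[pid] = (
                    f"shares MCS categories {sorted(cats)} with PID(s) {others}"
                )
    return dict(sorted(findings.items()))


if __name__ == "__main__":
    for pid, reason in audit_guest_isolation(SAMPLE_PS).items():
        print(pid, reason)
```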

For memory management, since a virtual machine is a linux process, it uses the normal memory management techniques used by other linux processes: its virtual memory can be swapped, backed by large pages for better performance, shared, or backed by a disk file. NUMA support also allows virtual machines to access large amounts of memory efficiently.

KVM also supports the latest memory virtualization features introduced by CPU vendors, such as Intel extended page tables (EPT) and AMD rapid virtualization indexing (RVI), which deliver lower CPU utilization with higher throughput.

Kernel Same-page Merging (KSM) is a kernel feature that enables memory page sharing between virtual machines. When KSM finds that two or more virtual machines have identical memory pages, it merges them into one page and shares that page among all the virtual machines that had it before merging. When a virtual machine tries to modify the page, KSM creates a copy of the shared memory page, applies the modification needed by the virtual machine and allocates the copy to that virtual machine.

Since KVM is a module inside the linux kernel it leverages the entire hardware ecosystem. This gives KVM an added advantage over other virtualization technologies: when a hardware vendor who contributes to the linux community comes up with a new feature, there is no need to re-implement the feature for the hypervisor, because the technology will be included in the linux kernel and KVM can benefit from it.

KVM can use any storage supported by linux, and it also supports virtual machine images on shared file systems. The native disk format for KVM is QCOW2, which includes support for snapshots, allowing multiple levels of snapshots, compression and encryption.

Another feature supported by KVM is live migration of virtual machines between two separate KVM hosts. This feature is transparent to the user: while the migration happens the virtual machine remains powered on, applications keep running and the network stays active. KVM also supports saving the state of a virtual machine when it is turned off.

With all the above features, KVM supports virtual machines with up to 16 virtual CPUs and 256GB of RAM, and host systems with 256 cores and over 1TB of RAM, with improved scheduling and resource controls and low latency.

Chapter 3

Storage Virtualization

Storage virtualization plays a key role in cloud computing. A cloud storage service is the cooperation of storage services, many application domains and the various forms of services that run on those applications. Supplying services to thousands and thousands of clients means the service provider has to make sure that enough space is available for each and every client's demand. This is where virtualization techniques for storage come in handy. Besides virtualization techniques, cloud storage systems benefit from broadband networks, Web 2.0 and Storage Area Networks.

There are two main types of storage system, namely block-accessed storage and file-accessed storage. There are a number of popular protocols for delivering block-access storage, such as Fibre Channel, iSCSI, SAS and FICON. File-access systems typically use NFS or CIFS as their protocol.

Storage virtualization turns the physical storage in the enterprise storage area network (SAN) into virtual disks that applications can use. This enables storage consolidation across heterogeneous vendors and protocols, so that applications can easily share heterogeneous storage resources. Storage virtualization also makes it possible to migrate a virtual disk from one physical storage subsystem to another without downtime. Compression and de-duplication of the data are also used to reduce the actual space consumed.

A data center consists of several physical storage devices networked with each other, which can be used to store virtual disk images and to migrate such virtual disks over the network; together they comprise a “Storage Area Network”.

There is currently much research on storage virtualization and on making it efficient by minimizing overheads. The following is a brief summary of such research projects.

A research team from China [11] has suggested an architecture for a cloud storage system. They propose a layered architecture that treats cloud storage as a type of service. The proposed architecture consists of a network storage infrastructure, storage management, metadata management, a storage overlay and a service interface.

The storage infrastructure consists of various distributed storage devices networked with each other, either wired or wireless. In storage management, geographically distributed storage resources are organized by domains and logical entities, and data can be stored as either files or blocks on the storage media. Metadata management clusters the global domain's data storage metadata and collaborates on load balancing in each domain.

The storage overlay layer performs virtualization and service retrieval and redirection, while the service interface layer provides an abstract interface that clients can access.

3.1 CDMI - Cloud Data Management Interface.

CDMI [2] is an interface for interoperable cloud storage and data management, introduced by the Storage Networking Industry Association. The notion of a container is used to abstract the underlying storage space exposed by the CDMI interfaces. A container abstracts the storage space by grouping the data stored in it, and it also acts as a point of control for applying data services in the aggregate.

CDMI can be used with a cloud management application, so that virtual machines plugged into the cloud can access storage through the API provided by the CDMI interface.

Chapter 4

Privacy issues when it comes to data on cloud

When it comes to cloud computing, not only the service provider but also the clients and users of the service should give more attention to security and privacy matters. But people focus only on security, and by comparison less attention has been given to privacy. Ignoring privacy may create huge problems in the long run for a business that uses cloud services.

Privacy issues are related to security, but they are a separate area that needs to be focused on. While the privacy of user data has a technical side, it also has a social element, namely “How to trust a particular service provider”. Though no regulations have yet been defined specifically for privacy in cloud computing, some regulations defined before the term cloud computing was introduced can be applied to cloud computing as well. The most influential of these are EU Directive 95/46/EC, the Safe Harbor Agreement, the FTC Fair Information Practice Principles and the Payment Card Industry [5].

Despite these regulations, most cloud service providers still have not adopted them. This may be because the regulations are not specifically defined for cloud computing, but given how critical user data privacy is, there is a need for a protocol between cloud service providers and clients. This opens a new dimension of the problem: if each cloud service uses its own proprietary privacy mechanism, migrating data between service providers becomes a problem.

Published articles and research papers propose solutions to these problems, and many research efforts and experiments are currently under way on this issue.

4.1 cryptoDSP

This is joint research by the University of Vigo and the University of New Mexico. The researchers narrowed the domain down to “cloud privacy for signal processing”. They use the novel discipline of signal processing in the encrypted domain (SPED) to solve the privacy issues that arise from outsourcing data to cloud services.

The researchers introduce an architecture for a privacy-preserving cloud computing system for outsourced signal processing, using SPED techniques and materializing them as a virtual DSP (Digital Signal Processor) that performs the needed operations in the encrypted domain, which they call cryptoDSP [10]. The architecture consists of three main blocks: the Virtualized Coded Storage, the virtualized CryptoDSP core and the Client PlugIn. To provide the greatest versatility, these components are implemented as middleware on top of the cloud infrastructure (IaaS), and an API for using the cryptoDSP is presented to the PaaS layer, so that any privacy-preserving application can be built on top of this secure middleware.

4.1.1 Virtualized CryptoDSP core

This is the server-side implementation of the secure signal processing primitives using SPED technologies, which also communicates with the client-side plug-in during the execution of the corresponding protocols. This component includes only the online computation part of the cryptoDSP; the offline computation part is implemented in the Virtualized Coded Storage Module.

4.1.2 Client plugin

This presents a transparent interface from the client's viewpoint. It comprises a cryptographic module for data encryption, key generation and key management, and a communication module for the on-line interaction with the cryptoDSP described above.

4.1.3 Virtualized Coded Storage Module

This module performs three complementary functions:

1. Server-side data encryption.

2. Data pre-processing and off-line processing for the secure protocols.

3. Management of the storage of the encrypted and preprocessed data.

The main purpose of this layer is to reduce the computational load of the secure protocols, reducing their on-line time and/or the needed communication bandwidth.

The researchers state two limiting factors for cryptoDSP: computational load and bandwidth. For computational load, they suggest that the client-side plug-in should be as lightweight as possible and that all the heavy work should be handled by the server side. For bandwidth, they suggest that distributing the load between nodes will solve the matter.
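The split between the client plug-in and the cryptoDSP core, shown as an added example that is not from the report or from the cryptoDSP authors: the client encrypts signal samples, the server runs an FIR filter on ciphertexts only, and the client decrypts the output. It assumes an additively homomorphic scheme (textbook Paillier, chosen here for illustration since the report does not name the cryptosystem), toy-sized primes, and constructed samples and filter taps.

```python
import math
import secrets

# --- Client plug-in: key generation, encryption, decryption -----------------

def keygen(p=2**61 - 1, q=2**89 - 1):
    """Textbook Paillier with g = n + 1. Toy primes, far too small for real use."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)  # lcm(p-1, q-1)
    mu = pow(lam, -1, n)  # inverse of L(g^lam mod n^2), which is lam for g = n+1
    return n, (lam, mu)


def encrypt(n, m):
    """Enc(m) = (1 + n)^m * r^n mod n^2 with fresh randomness r."""
    n2 = n * n
    while True:
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            break
    return (1 + (m % n) * n) * pow(r, n, n2) % n2


def decrypt(n, priv, c):
    lam, mu = priv
    m = (pow(c, lam, n * n) - 1) // n * mu % n
    return m - n if m > n // 2 else m  # map residues back to signed samples


# --- cryptoDSP core (server side): sees the public modulus and ciphertexts ---

def encrypted_fir(n, enc_samples, taps):
    """y[k] = sum_i taps[i] * x[k-i], computed without decrypting any sample."""
    n2 = n * n
    out = []
    for k in range(len(enc_samples)):
        acc = 1  # trivial encryption of 0
        for i, h in enumerate(taps):
            if k - i >= 0:
                # Enc(x)^h = Enc(h*x); multiplying ciphertexts adds plaintexts.
                acc = acc * pow(enc_samples[k - i], h % n, n2) % n2
        out.append(acc)
    return out


def plain_fir(samples, taps):
    """Reference filter on plaintext, used only to check the result."""
    return [
        sum(h * samples[k - i] for i, h in enumerate(taps) if k - i >= 0)
        for k in range(len(samples))
    ]


def run_demo():
    samples = [12, -7, 30, 5, -18]  # constructed signal
    taps = [1, -2, 1]               # constructed filter (second difference)
    n, priv = keygen()
    enc = [encrypt(n, x) for x in samples]          # client encrypts
    enc_out = encrypted_fir(n, enc, taps)           # server filters ciphertexts
    return [decrypt(n, priv, c) for c in enc_out]   # client decrypts


if __name__ == "__main__":
    print(run_demo())
```

Every server-side multiplication here is a modular exponentiation on a number twice the key size, which is the computational load the researchers name as a limiting factor.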

4.2 Privacy Manager

This is research by HP Labs [7] that is based on obfuscation. The idea is to send encrypted data from the user to the cloud, have the cloud process the encrypted data and send the result back, and let the user decrypt it to obtain the result in readable form. The obfuscation uses a key that is chosen by the user and known to the privacy manager, but is not communicated to the service provider.

But not all applications can operate on encrypted data, so to avoid this problem the researchers suggest features called “preferences” and “personae”.

With preferences, users set their preferences about the handling of personal data that is stored in unobfuscated form in the cloud. The preferences are communicated to the policy enforcement mechanism used in the cloud. Preferences can also be associated with data and sent to the cloud with it. Part of the preference specification could involve the purpose for which the personal data may be used within the cloud, and this could be checked within the cloud before access is granted.

The other feature, personae, allows the user to choose between multiple personae when interacting with cloud services. Using this method the user can either stay anonymous to others or partially or fully disclose his identity.
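The obfuscation round trip described at the start of this section, as an added example that is not HP's implementation: the user-side manager holds the key, the provider computes per-customer totals on obfuscated records, and the user reverses the obfuscation on the result. The `PrivacyManager` class, the HMAC pseudonyms, the multiplicative amount factor and the sample records are all assumptions chosen for illustration.

```python
import hashlib
import hmac
from collections import defaultdict

# Constructed sample records: (customer name, amount in cents).
SAMPLE_RECORDS = [
    ("alice", 1200), ("bob", 450), ("alice", 300), ("carol", 999), ("bob", 50),
]


class PrivacyManager:
    """User-side component (hypothetical); the key never leaves this object."""

    def __init__(self, key: bytes):
        self._key = key
        # Secret scaling factor derived from the key. Sums of scaled amounts
        # are scaled sums, so the provider can still add them up.
        self._factor = 2 + int.from_bytes(self._prf(b"amount-factor")[:4], "big")
        self._names = {}  # pseudonym -> real name, kept locally only

    def _prf(self, data: bytes) -> bytes:
        return hmac.new(self._key, data, hashlib.sha256).digest()

    def obfuscate(self, records):
        """Replace names by keyed pseudonyms and scale amounts before upload."""
        out = []
        for name, cents in records:
            pseudonym = self._prf(b"name:" + name.encode()).hex()[:16]
            self._names[pseudonym] = name
            out.append((pseudonym, cents * self._factor))
        return out

    def deobfuscate_totals(self, totals):
        """Map the provider's result back to real names and real amounts."""
        return {self._names[p]: v // self._factor for p, v in totals.items()}


def cloud_totals(obfuscated_records):
    """Provider side: group and sum without the key, names or true amounts."""
    totals = defaultdict(int)
    for pseudonym, value in obfuscated_records:
        totals[pseudonym] += value
    return dict(totals)


def run_demo(key=b"constructed-demo-key"):
    manager = PrivacyManager(key)
    uploaded = manager.obfuscate(SAMPLE_RECORDS)   # what the provider stores
    result = cloud_totals(uploaded)                # what the provider computes
    return manager.deobfuscate_totals(result)      # what the user reads


if __name__ == "__main__":
    print(run_demo())
```

This is obfuscation rather than encryption: equal names map to equal pseudonyms and the ratios between amounts survive, so the provider still learns frequencies and relative sizes.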


Chapter 5

Conclusion

Cloud computing is one of the fields that is constantly developing. Most IT organizations are currently focused on modelling their current architectures to be compatible with this newly emerging area, and are eager to deliver their products as clouds. A recent example is Microsoft introducing the Office 365 suite, which indicates a move of the traditional Microsoft Office document processing package to a cloud. Oracle, the largest database management system company, is also currently doing research on a database that can use the cloud architecture. Beyond those companies, Red Hat, the world's largest FOSS-based company, has introduced its cloud platform based on the Fedora Linux core, and Google, another large multi-billion company that is more focused on open source software, is adapting the cloud architecture for its services. This hints that the near future will be the era of cloud-driven, service-based computing.

In the first section of the report I discussed virtualization and the virtualization techniques currently developed. Of these, XEN, KVM and VMware are 3 of the most popular hypervisors. After considering all the facts I prefer KVM as the best virtualization choice, because it is not just another layer that runs on top of the operating system: KVM comes as a module attached to the operating system, and it uses the most stable and powerful linux modules to function. So in terms of performance and stability KVM will be the best choice.

Storage virtualization opens its own aspect of cloud computing. Virtualization needs to be done to keep up with demand, and there should be more comprehensive architectures to achieve this goal. Research is going on to create more efficient, stable storage virtualization systems that cooperate with virtual machines and deliver high-performance cloud computing.

In the last section I discussed the privacy issues that arise from using third-party services to store data. This is a most critical issue, and a lot of research is currently going on in this area because of its importance. Before cloud computing, people used to store their private data on storage within their premises, such as servers. But with cloud computing coming into the picture, obtaining services from a third party leaves a threat that others can access the private data.

When the concept of cloud computing was introduced, Richard Stallman, the well-known American software freedom activist, stated his objections to it, citing the threat to privacy.

As I described in the chapter on privacy issues, researchers are focusing on using encryption to overcome the privacy issues, but it reduces the performance of the system. So overcoming the privacy issues of cloud computing without reducing performance is still a challenge for the world.

Bibliography

[1] Understanding full virtualization, paravirtualization, and hardware assist. Technical report, VMware, Inc., 2007.

[2] Cloud storage for cloud computing. Technical report, Open Grid Forum and Storage Networking Industry Association, September 2009.

[3] KVM: Kernel-based Virtual Machine. Technical report, Red Hat, Inc., 2009.

[4] Daniel J. Magenheimer and Thomas W. Christian. vBlades: Optimized paravirtualization for the Itanium processor family. In Proceedings of the Third Virtual Machine Research and Technology Symposium, Hewlett-Packard Laboratories, May 2004. USENIX Association.

[5] Joep Ruiter and Martijn Warnier. Privacy regulations for cloud computing: compliance and implementation in theory and practice. Technical report, Faculty of Sciences, VU University Amsterdam and Faculty of Technology, Policy and Management, Delft University of Technology, 2010.

[6] Amith Shah. Kernel-based virtualization with KVM. Linux Pro Magazine, pages 37-39, 2008.

[7] Siani Pearson, Yun Shen and Miranda Mowbray. A privacy manager for cloud computing. Technical report, HP Labs, Long Down Avenue, Stoke Gifford, Bristol BS34 8QZ, UK, 2010.

[8] Srikanth Sundarrajan and Subhabrata Bhattacharya. Xen and server consolidation. Technical report, Infosys Technologies Limited, 2006.

[9] Tim Abels, Puneet Dhawan and Balasubramanian Chandrasekaran. An overview of Xen virtualization. Dell Power Solutions, pages 109-111, August 2005.

[10] Juan Ramón Troncoso-Pastoriza and Fernando Pérez-González. CryptoDSPs for cloud privacy. Technical report, University of Vigo, Signal Theory and Communications Department and University of New Mexico, Dept. of Electrical and Computer Engineering, 2009.

[11] Wenying Zeng, Yuelong Zhao, Kairi Ou and Wei Song. Research on cloud storage architecture and key technologies. Technical report, School of Computer Science and Engineering, South China University of Technology, 2009.