Securing Cloud Virtual Machine Image Using Ethereum Blockchain

Securing Cloud Virtual Machine Image Using Ethereum Blockchain

Srijita Basu, Sandip Karmakar, Debasish Bera
Copyright: © 2022 |Pages: 22
DOI: 10.4018/IJISP.295868
(Individual Articles)
No Current Special Offers


Virtual Machine Image (VMI) is the building block of cloud infrastructure. It encapsulates the various applications and data deployed at the Cloud Service Provider (CSP) end. With the leading advances of cloud computing, comes the added concern of its security. Securing the Cloud infrastructure as a whole is based on the security of the underlying Virtual Machine Images (VMI). In this paper an attempt has been made to highlight the various risks faced by the CSP and Cloud Service Consumer (CSC) in the context of VMI related operations. Later, in this article a formal model of the cloud infrastructure has been proposed. Finally, the Ethereum blockchain has been incorporated to secure, track and manage all the vital operations of the VMIs. The immutable and decentralized nature of blockchain not only makes the proposed scheme more reliable but guarantees auditability of the system by maintaining the entire VMI history in the blockchain.
Article Preview


Small and medium scale enterprise units have mostly switched from in house servers to cloud computing. The present scenario manifests cloud as one of the most popular platforms for storing data (Han et al., 2013) and deploying services. The flexible pricing model (Wu et al., 2019), minimized maintenance efforts at the user end along with the provisions of on-demand up-scaling and down-scaling of resources have lured a wide range of IT enterprises to adopt various cloud based services. The vast choices of VMIs offered by the CSP enables the user to select an appropriate flavour (choice of OS, RAM, Disk size, Processor, pre-installed application server, etc.) according to his/her requirement. These VMIs (Tang, 2011), being the backbone of the entire CSP infrastructure, proper security and maintenance of the same becomes a very vital issue. Both the CSP and the user i.e. CSC are directly affected by the different aspects of the VMI. There are a number of VMI vulnerabilities (Hashizume et al., 2013) that can be exploited by an intruder in order to observe and tamper with unauthorized user data/CSP admin data. A detailed insight into an attack of this nature has been presented in the upcoming sections. A number of schemes (Wang & Jiang, 2010) (Hussein et al., 2016) for addressing the VMI related security issues have been devised, but most of them tends to be inadequate to meet all the requirements at the same time.

Blockchain technology has become a pioneer of data storage and monitoring solutions. It is generally portrayed as a “distributed and decentralized public ledger”. In the year 2008, Satoshi Nakamoto introduced Blockchain technology as a framework for supporting a crypto-currency known as Bitcoin (Nakamoto, 2008). The term Blockchain and Bitcoin were then used interchangeably. Later in the year 2014, researchers were enlightened with the potential of blockchain technology. Gradual technological advancements turned blockchain into a secured medium for logging any kind of transaction/change without a third party intervention. The 2nd generation of Blockchain- Ethereum (Wood, 2014) developed the concept of Smart Contracts (Macrinici et al., 2018). With the help of this new generation blockchain technology, any service, asset, bond, rather any generic piece of data could be exchanged between peers, depending on certain criteria embedded within the smart contacts.

Another important fact about blockchain is the difficulty (Meshkov et al., 2017) involved in modifying its content. The blockchain mining algorithms (Wang et al., 2019) are responsible for this immutable nature. From the above discussion it is quite evident that blockchain can be utilized as a reliable platform to store, manage and monitor data/services. Medical record preservation and its secured transfer, Govt. data preservation, Logistics and Supply chain management are some of the most popular application areas of blockchain technology. Therefore, in this article the Ethereum framework of the blockchain technology has been utilized to address the security concerns corresponding to the Cloud VMI.

Before proposing any secured methodology for securing and monitoring the cloud VMIs, a comprehensive analytical model of cloud system needs to be designed. This work presents such a model. Later, an Etherum based smart contract has been designed to implement a proper security system for the VMIs without any third party intervention. This ensures that no malicious VMIs exists at the CSP end and additionally tracks the entire life cycle of a VM (Schwarzkopf, 2015) by providing a series of authentic audit data which helps to identify the dishonest entity along with other relevant piece of information like timestamp and details of any violation actions.

Complete Article List

Search this Journal:
Volume 18: 1 Issue (2024): Forthcoming, Available for Pre-Order
Volume 17: 1 Issue (2023)
Volume 16: 4 Issues (2022): 2 Released, 2 Forthcoming
Volume 15: 4 Issues (2021)
Volume 14: 4 Issues (2020)
Volume 13: 4 Issues (2019)
Volume 12: 4 Issues (2018)
Volume 11: 4 Issues (2017)
Volume 10: 4 Issues (2016)
Volume 9: 4 Issues (2015)
Volume 8: 4 Issues (2014)
Volume 7: 4 Issues (2013)
Volume 6: 4 Issues (2012)
Volume 5: 4 Issues (2011)
Volume 4: 4 Issues (2010)
Volume 3: 4 Issues (2009)
Volume 2: 4 Issues (2008)
Volume 1: 4 Issues (2007)
View Complete Journal Contents Listing