An Overview Of Virtualization

: This paper presents an overview of virtualization .The first part covers the various Virtualization approaches. The second part covers the requirements for virtualization and its working. The third part covers its applications. In the final part the challenges and security issues are discussed.


INTRODUCTION
Virtualization is a technique which allows partioning, extending or replacing an existing interface into multiple completely separate virtual interfaces to mimic the behavior of actual interface/system. Virtualization [1] [2] can also be defined as the technique that encapsulates the virtual interface (resource or request or application) from the underlying physical delivery of that interface. New virtual interfaces provide an environment which is similar to that of actual system interface.
Virtual Machine Monitor also known as Hypervisor is a software component that provides abstraction for different virtual machines/interfaces running on same system.

Layered Architecture and Types of Interfaces:-
Architecture defines the formal specification and arrangement of a system's interface and logical behavior of the visible resources. Figure 1(A) shows different levels of interfaces, depending on what is virtualized or mimicked [3], we can obtain different form of virtualization as shown in Figure  1

VIRTUALIZATION APPROACHES
From the architecture described in above figures we can see that virtualization is possible at different levels [4] which are defined below sequentially:-

Virtualization at ISA level-This is possible by
implementing an emulation of ISA in software. Here by making use of emulation, guest machine's instruction are executed by translating the virtual instruction into native instruction and then their execution on the available hardware. For mimicking the exact behavior of the real world system an emulator has to be able to emulate every instruction that a real system can like reading chips, I/O specific instructions, rebooting etc.
Advantages o It provides ease of implementation while dealing with multiple platforms.
o It does not enforce stringent binding between the guest and host platforms.
o It provides infrastructural portability and flexibility.
Disadvantages o Portability comes here at a price of performance.

Virtualization at Hardware Abstraction layer level-In this type of virtualization physical
resources are portioned into virtual resources, so that each virtual machine assume that it is using its own resources, but in reality native hardware is used for its computation. For this type of virtualization technology virtual machine must be able to trap every privileged instruction and then pass it to VMM to get CPU's attention.
Advantages o It cuts down the interpretation latency.
o It provides an efficient and viable use of resources, hence increase performance.
o It provides high degree of isolation.

Operating System Level Virtualization-This
type of virtualization is developed to reduce the installation overhead required in HAL virtualization. Here virtual machines share the physical resources as well as the operating system on system and uses a virtualization interface layer above the OS layer to present multiple and isolated virtual machine to user. This technique basically provides a replica of operating environment on physical machine, so that difference from the real environment becomes hard to find.
Advantages o It reduces the overheads like OS installation and network set up etc.
o It provides high performance with simplicity of implementation.
Disadvantages o It is not as flexible as ISA level.
o It requires careful partioning and multiplexing technique.

Library Level Virtualization-
Libraries are basically used to provide an abstraction to users to hide complex operating system details to keep the OS simpler. Applications are programmed using set of APIs provided by group of library functions. This is also known as ABI/API emulation as it implements a different Application Binary Interface and/or a different Application Programming Interface using the underlying system. Examples: -WINE, LxRun, Visual MainWin.

Application Level Virtualization-It describes
software technologies for applications that encapsulate applications from the underlying OS on which they are executed. Here virtualization is done at application level. Basically application virtualization layer replaces part of the run time environment normally provided by the OS. The layer intercepts all files/registry operation of virtualized application and redirects them to a single virtualized location. This is also known as programming language level virtualization.
Advantages o It provides high degree of isolation and easy debugging at higher level.
o It helps to run multiple application level operations simultaneously with proper separation.

Disadvantages
o Each application has its own features with that do not allow them to virtualized. w w w . i j c t o n l i n e . c o m

d)
A statistically dominant subset of virtual processor's instruction are executed directly by real processor.
Virtual Machines can be constructed by letting VMM in supervisor mode and virtual machine in user mode.

HOW VIRTUALIZATION WORKS
Virtualization is possible only if underlying resources are compatible in doing it. The overall process of virtualization [6] is described below with help of figure   2.  In Operating system a privileged instruction performs a Trap operation when executed in kernel (supervisor) mode.
-Type 1 Virtualization is feasible only if sensitive instruction set is a subset of privileged instruction set.‖ Unmodified operating system is running in user mode. But it assumes that is running in kernel mode, that's why it is known as virtual kernel mode. Then privileged instruction gets trap.
VMM is a real kernel, upon trapping operation it executes privileged instruction operations or emulates what the hardware would do.
In Para-virtualization, operating system is modified to replace all sensitive instructions with hyper calls. OS behaves like a user program making system calls. VMM executes the privileged operation invoked by hyper calls.

In Software Testing and Evaluation-A
Test bed can be created using Virtual machines. Also un-trusted software can be evaluated in virtual machine. So virtual machine is said to be work like -Sandbox‖ from which the software cannot easily escape out and hence can be tested and evaluated effortlessly.

In Production Applications -Business
Applications are placed in virtual machines, so protecting the main server from poorly written and buggy code. Also it provides security by applying principle of least privilege.

Desktop Virtualization-Application is
hosted in a virtual machine or Blade PC (that also include the operating system), so rather than giving employees physical PC, enterprise can give them a personal Virtual machine running on a central server which save expenditure and space as well.

In Security mechanismfor running an
Intrusion Detection System, virtual machines are very good platform. Here they are known as -Honey Pots‖. Honeypots are unprotected machines that are connected to the Internet. By using these virtual Honeypots, attackers will not be able to go any further than these Honeypots, hence cannot crack the security.

In Cross Platform and Software Distribution Applications-Applications
developed for a specific OS are placed on a virtual machine, but it can be run on another different OS; so it is easy to run incompatible application simultaneously and hence save time. With few configurations changes software installed on one machine can be distributed on another.

In Debugging and Replaying-VMMs can
replay and monitor actions of virtual machines. When a Virtual Monitor is infected with viruses or is attacked by hackers, its action can be w w w . i j c t o n l i n e . c o m studied by simply replaying its execution; so it is easy to debug with the virtual machines.

CHALLENGES IN VIRTUALIZATION
Virtualization requires some attention during its implementation due to following reasons [8]:-

Depletion of Resourceswhile moving
from physical hardware to virtual environment often create the performance issues as Virtual Machine saturation cause application network resources depletion at a much faster rate. It also reduces Bandwidth, hence increases Latency.

Lapse in Application Availability-Virtual
machine instances are often migrated from one physical device or location to another single which can cause a lapse in application availability, i.e. whenever resource scheduler moves any data to some different storage, the application may become unavailable during this process and IP addresses also get lost, so availability of application is adversely affected.

Increase in Cost-Virtualization adds some
cost as new hardware and software licenses are required. Also maintenance and storage cost is increased which affect overall cost.

Limited Sharing of Information-some
features of advanced network technologies like switching and VLAN segmentation etc are not integrated with the rest of network as they have tight infrastructure. Hence are not sharable outside the virtual environment.

Congestion and Over Flow in Storage
Network-Data and Files are moved to shared storage in virtual environments; this increases the traffic on the storage network. Also this increases Flooding of data and causes congestion and delay on delivery of data.

Management Complexity-Management
of virtual machines as well as other existing data centers as a single unit is very difficult. Built-in management tools mange only virtual machine platform data. They do not guarantee about external information.
Solution to Above Challenges:-To avoid above discussed problems in virtualization one can make use of Local Traffic Manager (LTM) that offload resources and boosts the performance. Also it manages the session, application availability and proxy connections and their life times.
Also LTM helps in Load Balancing, Caching and Tiering to avoid congestion and un-necessary delay by aggregating capacity and increasing utilization of storage devices. Making use of Automation, WANJet and ESX-aware technologies provide direct integration between virtual machine and data centers. They also provide true application delivery and enable Dynamic Provisioning of resources that simplify the maintenance as single unit.

SECURITY ISSUES
Let's have a look on five main principles of security [9] [10] affected by use of Virtualization:

Non-Repudiation:
If any transaction is stored in a virtual machine in the form of transaction log, transaction may be lost if log is restored. The signature key can also be copied as it is stored in Virtual Machine. Therefore it may affect security.

Accessibility:
Virtualization is not without accessibility. As application sometimes become inaccessible as data is moved to a single location.
In this way we can say that virtualization may cause complexity as there is increase in amount of code, so an increase in bugs affect security adversely. There may be loss of uniqueness, location bounded ness and monotonicity. Isolation and Small Footprints etc have clearly positive effects on security issues. But there is a need to resolve above discussed concerns. Some efforts have already done to resolve them like by Scanning for viruses and Inspecting Virtual machines may distract attackers. Strict Organization of Virtual Infrastructure also helps in protecting Virtual Environment.

CONCLUSION
this paper concludes that Virtualization is an important technique that can be used in different environments. Currently, many different approaches are used for virtualization. These approaches can be compared on the basis of parameters like Performance, Robustness, Relationship with host operating system, Portability to multiple guests, Security etc. However all the approaches have some flaws which can be removed in further research. Techniques like Application Virtualization and Para virtualization can be looked promising for future applications. For specific areas selection of proper approach (with their security issues) needs proper care.