Virtualization Working Group
Working Group Inactive
This working group is currently inactive. If you have any questions or would like to discuss continuation of research in this area, please contact [email protected].
Introduction to the Virtualization Working Group
Virtualization is a critical part of cloud computing. Virtualization provides an important layer of abstraction from physical hardware, enabling the elasticity and resource pooling commonly associated with cloud. Virtualized operating systems are the backbone of Infrastructure as a Service (IaaS). The CSA Security Guidance for Critical Areas of Focus in Cloud Computing focused exclusively on virtualized operating systems in Domain 13. Recent developments in software defined networking (SDN) show great potential to virtualize data networks in the same way that operating systems have been virtualized. Additionally, the future integration and potential convergence of virtualization of operating systems and networks promise to greatly impact the next generation of cloud architectures.
The security issues and recommended best practices of this broader view of virtualization merit additional focused research from a reconstituted version of the CSA Virtualization Working Group.
Research Road map
- Security Position Paper: Network Function Virtualization
Security Position Paper: Network Function Virtualization
This paper discusses some of the potential security issues and concerns, and offers guidance for securing a Virtual Network Function (NFV) based architecture, whereby security services are provisioned in the form of Virtual Network Functions (VNFs). We refer to such an NFV-based architecture as the NFV Security Framework. This paper also references Software-Defined Networking (SDN) concepts, since SDN is a critical virtualization-enabling technology.
|Working Group Co-Chair(s)||CSA Global Support||Contributors|
Virtualization Working Group Leadership
Mr. Chaudhry has 13 years of experience in delivering a broad range of information-security solutions to diverse companies and organizations. He has a progressive information security career with track record of success in systems architecture/design, system integration/deployment and system security/user management. He is well-versed in cloud computing, security products and middleware platform components. He holds strong capabilities in collecting and analyzing complex technical problems and turning commercial products into an integrated solution for customers. As a Principal Architect he produces solution/reference architectures, writes design papers, writes blogs for Trend Micro, participates in pre-sales activities to help close new engagements as well as delivers talks in conferences around the world.
Kapil Raina specializes in bringing complex products to market by developing go-to-market strategies, influencing press and analysts, and executing on demand generation plans from concept to close. Mr. Raina has deep experience in security, especially, in the SaaS/cloud markets. He was previously the co-chair of the Web Security-as-a-Service Working Group for the CSA. His background and experience includes brands such as VeriSign, VMWare, Elastica and Zscaler. He is also a prolific speaker and writer, including authoring several books such as “PKI Security Solutions for the Enterprise” (Wiley) and “mCommerce Security” (McGraw-Hill).
A security and mobile domain expert, he has authored several books such as “PKI Security Solutions for the Enterprise” (Wiley) and “mCommerce Security” (McGraw-Hill).
Virtualization Working Group Initiatives
Please contact Virtualization Working Group Leadership for more information.
JOIN WORKING GROUP
Connect with Us
Virtualization Working Group Downloads
近五年来，随着云基础设施的能力和复杂性飞速演进，安全风险也相应上升。 虽然虚拟化已不是一个很新的概念，但几乎任何人都可以对计算、存储、网络和应 用程序等资源进行虚拟化的想法会增加安全威胁的影响和速度。同时，全球地缘政 治格局已从由机遇驱动的网络攻击转变为资金充足的国家行动。
Release Date: August 03, 2018
This white paper discusses some of the potential security issues and concerns, and offers guidance for securing a Virtual Network Function (NFV) based architecture, whereby security services are provisioned in the form of Virtual Network Functions (VNFs).
Release Date: February 29, 2016