摘要:Nowadays Virtualization is an underlying technology in cloud computing that simplifies data centermanagement improves corporate resource utilization, minimizes IT hardware costs. However, cloudenvironment faces new security challenges as the architecture of virtualized environments differsdramatically from non-virtualized. The traditional security methods cannot be applied any more to securesystem in effective way as it used to be in the past. New approaches should be applied in order to be able tomeet new security challenges of technology. In this research, we apply Ishikawa approach, method fromQuality Management System in order to identify many possible causes and factors for hypervisor securityrisks. In addition to that, to better structure the risks we based Ishikawa method on traditional securitymodel, STRIDE Model, proposed by Microsoft. Hence, this paper firstly analyses malicious environment ofvirtualization technology. Secondly, it applies quality-based methodology for security analyses. As a result, wesee that such approach helps to identify preventive security countermeasures that have to be considered atthe earlier stage before real attacks occur.
关键词:Secure cloud computing; hypervisor security; virtualization; threat modeling; Ishikawa; fishbonediagram; cause and effect analysis.
