Using Graph Theory for Cloud System Security Modeling

  • Peter D. Zegzhda
  • Dmitry P. Zegzhda
  • Alexey V. Nikolskiy
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7531)


The paper discusses the security problems of cloud systems. It also contains a model of cloud systems that allows formally describe different security problems. The proposed model is based on graph theory and it describes main features of virtual machines in cloud systems. The paper formally presents a transformation of data operations that happens in hypervisor software due to virtualization technology. It allows formally define several cloud system security problems of hypervisor software. The paper also contains a discussion about other security problems with shared virtual machines in the cloud.


cloud information security virtualization model graph theory 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Catteddu, D., Hogben, G.: Cloud Computing. In: Benefits, Risks and Recommendations for Information Security / European Network and Information Security Agency, ENISA (November 2009)Google Scholar
  2. 2.
    Michael, H.R.: VMware vSphere in the Enterprise (July 28, 2009),
  3. 3.
    Zegzhda, P.D., Zegzhda, D.P.: Dynamic security methodology / MaBIT conference materialsGoogle Scholar
  4. 4.
    Clark, C.: Live Migration of Virtual Machines. University of Cambridge Computer Laboratory Cambridge, UK, Department of Computer Science University of Copenhagen, DenmarkGoogle Scholar
  5. 5.
    Jones, M.T.: Anatomy of a cloud storage infrastructure / IBM developer works (November 30, 2010)Google Scholar
  6. 6.
    How Does Xen Work? (December 2009),
  7. 7.
    Elhage, N.: Virtunoid: A KVM Guest ! Host privilege escalation exploit / Black Hat USA (2011)Google Scholar
  8. 8.
    Weinman, J.: Axiomatic Cloud Theory. Working Paper (July 29, 2011)Google Scholar
  9. 9.
    Chan, W.K., Mei, L., Zhang, Z.: Modeling and Testing of Cloud Applications. City University of Hong Kong and The University of Hong Kong (2009)Google Scholar
  10. 10.
    Li, Y., Boucelma, O.: A CPN Provenance Model of Workflow: Towards Diagnosis in the Cloud. Laboratoire des Sciences de l’Information et des Systémes, Domaine Universitaire de Saint-JérômeGoogle Scholar
  11. 11.
    Ma, H., Schewe, K.D., Thalheim, B., Wang, Q.: A Formal Model for the Interoperability of Service Clouds (December 22, 2011)Google Scholar
  12. 12.
    Henzinger, T.A., Singh, A.V., Singh, V., Wies, T., Zufferey, D.: FlexPRICE: Flexible Provisioning of Resources in a Cloud Environment / IST AustriaGoogle Scholar
  13. 13.
    Zegzhda, P.D., Zegzhda, D.P., Karetnikov, A.V.: Cloud systems. In: Virtual Security or Secure Virtualization? / Proc. of the Conference ”RusCrypto” (2012)Google Scholar
  14. 14.
    Zegzhda, D.P., Karetnikov, A.V.: Cloud systems security. In: Problems and Prospect / (ISSN-2071-8217) Information Security Application #4 (2011) Google Scholar
  15. 15.
    Drouineaud, M., Luder, A., Sohr, K.: A Role based Access Control Model for Agent based Control SystemsGoogle Scholar
  16. 16.
    Kalinin, M., Konoplev, A., Markov, Y.: Control of the security policies requirements in grid-systems. In: Proc. of the Conference Information Security of Russian Regions (ISRR 2011). St. Petersburg, Russia (2011)Google Scholar
  17. 17.
    Stepanova, T.: The relations between user behavior and outgoing network traffic for behaveiour anomaly detection. In: Proc. of the Conference Information Security of Russian Regions (ISRR 2011). St. Petersburg, Russia (2011)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Peter D. Zegzhda
    • 1
  • Dmitry P. Zegzhda
    • 1
  • Alexey V. Nikolskiy
    • 1
  1. 1.Information Security CenterSt. Petersburg Polytechnical UniversitySt. PetersburgRussia

Personalised recommendations