Studying Security Criteria’s of Cloud and VM Platforms and

Present New Innovative Solution for it

MEHDI DARBANDI

Department of Electrical Engineering and Computer Science at Iran University of Science and

Technology, IRAN

Abstract: This paper categorized as such: in the first section of this paper, authors present general

information about basis of cloud computing. By the means of several examples they show the

importance of security in such networks. They discuss about security problems in VMware and combine

it with security of cloud computing. After that they present their new novel approach for intensifying

security of such network, they purpose Sequence Unscented Kalman Filtering Algorithm for acquiring

better security. At the end of this paper, authors proof workability and results of applying such algorithm

to the cloud computing by the means of mathematical demonstration and MATLAB simulations.

Keywords: Cloud Computing, Internet technology, Kalman filter.

Received: July 5, 2021. Revised: December 10, 2021. Accepted: December 22, 2021. Published: January 12, 2022.

1. Introduction

Infrastructure clouds make significant use of

virtualization and the clouds provide

computational resources which are consumed

by the means of virtual machines [10]. Due to

this strong connection between these two

technologies, security problems associated with

virtual machines will have an impact on the

overall security of infrastructure clouds.

Therefore a review of existing literature on the

topic of virtual machine security will give us a

useful foundation for analyzing the security of

infrastructure clouds and provides an insight in

the underlying security challenges [10]. Virtual

machines provide a high degree of flexibility by

allowing users to easily create, copy, snapshot,

rollback, and migrate them. This flexibility

results in major adoption of virtual machines by

users for different purposes, e.g., for testing of

software or configurations using snapshots and

the rollback mechanism [10]. The authors of the

paper extracted the following list of security

issues related to virtual machines. Scaling

represents the problem that users now have

multiple virtual machines, e.g., for testing and

development purposes, instead of a very few

number of physical ones [10]. Therefore the

total number of machines drastically increases

within one organization and the workload on

the security systems will increases accordingly.

Diversity in operating systems, OS versions and

patch levels increases the complexity in the

security management of the infrastructure [10].

VMs typically result in a high diversity,

because users have multiple snapshots of VMs

and testers can have a collection of different

VMs. Transience is another security issue

induced by the flexibility of virtual machines

[10]. It

WSEAS TRANSACTIONS on COMMUNICATIONS

DOI: 10.37394/23204.2022.21.4

Mehdi Darbandi

E-ISSN: 2224-2864

Volume 21, 2022

mainly deals with the problem that VMs appear

and disappear very rapidly in the network

which makes security management, e.g., patch

management and vulnerability scanning, very

difficult [10]. The authors describe this as the

missing of a steady state in the network, where

the steady state means that all machines are

patched and properly managed. The Mobility of

a VM, i.e., the VM can easily be copied or

migrated, imposes multiple security problems:

all the hosts, the VM will be executed on, have

to be part of the trusted computing base (TCB)

[10]; sensitive information can leave a security

perimeter or malware is introduced, and the

theft of VMs can easily be done by simply

copying a file. The traditional Software

Lifecycle, i.e., a monotonic forward progress of

the software state, is broken by virtual

machine’s snapshot and rollback mechanisms,

because the execution of the virtual machine

can be forked and be rolled back [10]. In

particular the rollback mechanism induces a lot

of problems regarding freshness of randomness

sources used for cryptographic protocols or

critical patches are removed by a rollback.

Limited Data Lifetime, e.g., for sensitive or

cryptographic information, can be

compromised due to the rollback mechanism

and that the content of the virtual machine’s

memory might be stored on the disk of the host

due to paging, snapshots, or migration [10]. In

traditional computing environments, the

Identity of a machine is often deduced from

properties like the MAC address, the location,

or Ethernet port. Virtual machines however

typically use dynamically created MAC

addresses and they might migrate from one

physical host to another, therefore properties

like the location or Ethernet port will change,

and make it difficult to assign an identity [10].

Now, author of this paper present some

solutions and highlights some benefits about

these technology [10]. The role of the VMM is

to isolate the VMs from each other and the

correctness of enforcing this property is crucial,

therefore a high assurance VMM is required

[10]. Introducing an extended virtualization

layer that overtakes functionality originally

performed in the guest operating systems has a

certain number of benefits. Users do not have

to worry about security management, e.g.,

firewalling or anti-virus detection, if these

mechanisms are provided by the virtualization

layer and are operated by a central

administration staff. Furthermore, these

security services are now independent of the

guest operating systems, which results in a

higher flexibility because a high diversity of

VMs can be securely managed. Regarding the

security issue associated with software lifecycle

and the rollback feature, the virtualization layer

could pro- vide mechanisms to store such

sensitive information and to provide strong

randomness [10].

The security of the Virtual Machine Monitor

(VMM) is crucial, because it provides the

necessary isolation between the hosted VMs

and typically runs with the highest privileges

on the system [10].

Introducing a new software layer, such as the

one providing virtualization, inherently

increases the complexity of the system, which

also increases the possibility of software

security vulnerabilities [10]. Such

vulnerabilities in the VMM can lead to the

break of isolation, i.e., a VM can access other

VMs resources. Different solutions exist to

mitigate security problems in the virtualization

layer which are based on principles of building

secure software [10]: formal verification,

security by isolation and disaggregation, and

reducing the trusted code size [10].

An interesting example for formal verification

of software, which is also relevant for our topic

WSEAS TRANSACTIONS on COMMUNICATIONS

DOI: 10.37394/23204.2022.21.4

Mehdi Darbandi

E-ISSN: 2224-2864

Volume 21, 2022

of VMM security, is the seL4 project, a

formally verified L4 microkernel. The proof

verifies that the implementation in the C

programming languages matches the abstract

specification of the system and implies that

certain software vulnerabilities, like buffer

overflows and null pointer dereferences, are

absent in the implementation. Microkernel and

VMM are very similar, therefore either a

formally verified microkernel acting as a VMM

can be used or adapting the formal proof for

VMMs, although the size of existing VMMs

make formal verification very difficult.

Another approach of improving the security of

the VMM is to reduce the complexity and

trusted code base (TCB) by means of

decomposition. An approach for extracting the

domain builder functionality of the Xen dom0

into a separate domain. With a separate domain

builder VM, the user-space of dom0 can be

removed from the TCB, because no privileged

functionality for VM construction and

management need to be exposed to user-space

applications, e.g., xend. However, in their

current state the dom0 kernel is still part of the

TCB due to required interaction with physical

I/O devices. Besides the dom0 kernel, the Xen

hypervisor and the domain builder are part of

the TCB [10].

The recent prototype operating system Qubes

OS implements, among other security features,

disaggregation of Xen dom0 by establishing

driver domains which are limited to a specific

hardware resource by the means of IOMMU as

implemented by Intel VT-d, i.e., the VMM

monitors DMA requests and can possibly

restrict them [10]. These driver domains can

run with limited privileges and the overall

complexity of dom0 can be reduced. Thereby

software vulnerability in one of the drivers will

not result in a break of isolation when running

in a non-privilege driver domain compared to

running in dom0. IOMMU would also benefit

the disaggregation of Xen using a domain

builder VM, because the dom0 kernel could be

removed from the TCB when I/O with physical

devices is offloaded to driver domains. The

virtualization architecture NOVA uses a

minimal microkernel, with a size similar to the

formally verified seL4, and provides

virtualization functionality as user-land

applications. Therefore the amount of high

privilege code is reduced to a minimal

microkernel-based hypervisor [10].

Since Unscented Kalman Filter (UKF) is

proposed by Julier and Uhlman, it has absolved

many researchers to study it, and many kinds of

new algorithms [2-6] with different accuracies

have come out. Unlike the Extend Kalman

Filter (EKF), which is based on the linearizing

the nonlinear function by using Taylor series

expansions, UKF uses the true nonlinear

models and approximates a distribution of the

state random variable [11]. Furthermore, it only

needs a minimal set carefully chosen sample

points, by which the posterior mean and

covariance can be accurate to the second order

for any nonlinearity, avoiding Jacobian’s

computation. If the priori random variable is

Gaussian, the estimation of the posterior mean

and covariance can could be accurate to the

third order. It can be seen that in all the UKF

algorithms it needs inversing the matrix in

measurement update. The dimension of the

inversed matrix is equal to that of measurement

vector. If the dimension of the measurement is

very large, so it could cost a great computing

time. In order to decrease the computing cost

and not to inverse the matrix, a sequence

method is used to solve this problem [11].

In this paper, the sequence UKF is proposed. It

deals with nonlinear stochastic system with

2. Sequence Unscented Kalman

Filtering Algorithm:

WSEAS TRANSACTIONS on COMMUNICATIONS

DOI: 10.37394/23204.2022.21.4

Mehdi Darbandi

E-ISSN: 2224-2864

Volume 21, 2022

linear measurement. Based on RBUKF and

traditional Kalman Filter (KF), it deduced the

special algorithm for the sequence UKF in case

of the covariance matrix of measurement noise

is diagonal matrix or not. In theory it is proven

that the sequence UKF has the same estimation

accuracy with RBUKF, but has lower

computational cost. Simulation results verify

the high performance of sequence UKF.

UKF is used to solve the estimation problem

for any nonlinear system. The considered

nonlinear system is represented by [11]:

1()

()

k kk

+= +



= +



x fx v

z hx w

Where

and

denote the state vector with

dimension and the measurement vector with

-dimension at step

, respectively. The

nonlinear mapping

f( )⋅

and

h( )⋅

are assumed to

be continuously differentiable with respect

.Moreover,

N( ; , )

k kk

v v 0Q

denote the

process noise with

-dimension.

N( ; , )

k kk

w w 0R

denote the measurement

noise with

-dimension. k

and

are

independent of each other.

Like Kalman Filter (KF), UKF is also a

minimum mean-square error estimator

(MMSE). For system (1), the mechanism of

MMSE is time-update and measurement-update

as follows [11]:

Time-update:

/1 1

[f( )]

kk k

−−

=xx

[]

kk k k

−

=P ee

Measurement-update:

k kk k n−

= +xx Wυ

k kk

= −υzz

ˆ[h( )]

E=zx

/1 T

k kk k k k−

= −P P WSW

Where

k k kk−

= −exx

, the weight matrix

chosen to minimize the trace of the updated

covariance

. Its value is calculated from [11]:

1xz

k kk

−

=W PS

Where

is the cross covariance

between

and

is the covariance of

UKF is based on the mechanism above. By

applying the unscented transformation (UT) to

a number of chosen sigma

points,

/1kk−

and

can be

approximately expressed by the linear

composition of the transformed sigma points.

So UKF solves the nonlinear estimation

problem using MMSE mechanism. When

measurement equation in system is linear, it

changes to system as follows [11]:

1f( )

k kk

k kk k

+= +



= +



x xv

zH w

To solve the estimation problem for system, it

only needs transformed sigma points to

estimate

/1kk−

and

/1kk−

, and

and

can be

computed accurately. So the UKF algorithm

can be reduced to RBUKF algorithm.

Compared to UKF, RBUKF is not less

computational cost, but also higher accuracies.

The difference part between the UKF and

RBUKF is measurement-update. For

comparison, it only gives the measurement-

update of RBUKF as follows [11]:

, |1 T

zz k k k k k k−

= +P HP H R

, |1 T

k xz k k k−

=P PH

,| 1 ,k xzkk zzk

−

=KP P

|1 |1

ˆ()

k kk k k kk−−

=+−x x Kz z

|1 , T

k k k k zz k k−

= −P P KP K

3. UKF Mechanism:

WSEAS TRANSACTIONS on COMMUNICATIONS

DOI: 10.37394/23204.2022.21.4

Mehdi Darbandi

E-ISSN: 2224-2864

Volume 21, 2022

No matter UKF or RBUKF, it needs to inverse

the matrix in measurement-update. If the

dimension of the measurement vector is very

large, it could be a great computational cost for

compute gain matrix

. In order to avoid

inversing the matrix in computing

, the

sequence UKF will deal with ever component

of measurement vector one by one instead of

the vector at one time. This method needs not

to inverse the matrix and can greatly decrease

computational cost. For system, it deduced the

sequence UKF as follows [11].

Theory I: For system, the measurement-

update in UKF can be computed as follows:

1 11

()

i i iT i i iT i

k kkkkk k

− −−

= +K PH HPH

()

i i i i ii

k k k k kk

−−

=+−x x K Hx

11i i i ii

k k k kk

−−

= −P P KHP

1, 2, ,im= ⋅⋅⋅

Where

is the

-th row in

is the

-th

scalar in the measurement vector at step

the

-th element in diagonal of

[11].

Proof:

Rewrite the measurement equation in system, it

gets [11]:

11 1

12 2

kk k

mm m

kk k

  

  

= +

  

  

 

Because of the form of, the measurement

vector

can be seen as

(

1, 2, ,im= ⋅⋅⋅

) one by

one to update the time-update equations. It

must be noticed that when

one by one

instead of

updates the equations in

measurement-update, it implies that the state

equation is invariant for every

at step

. So

the measurement-update in UKF at step

equivalent to the filtering problem of new

linear systems as follows [11]:

1ii

i ii i

k kk k

−

=



= +





( 1, 2, , )im=

Where

N( ;0, )

i ii

k kk

w wR

, is the equivalent

measurement noise. The initial value of the

filter is

0/1k kk−

=xx

and

0/1k kk−

=PP

So the equivalent linear filter can be easily

derived from classic Kalman Filter equations as

follows:

/1 1ii i

−−

=xx

/1 /1

()

i ii i i i ii

k k k k kk

−−

=+−x x K Hx

/1 /1 1

()

i i i iT i i i iT i

kkkkkkk

− −−

= +K PHHPH

/1 1ii i T

−−

=P IP I

()

i i i ii

k kk k

−

= −P I KH P

1 /1 1 1

() ( ) ()

i i i iT i i

k k kk k

− −− −

= +PP H H

Substituting these recent equations results in

the following, and substituting previous

equations in each other, results in next

equations. So it obtains the new equations for

the measurement-update in UKF as follows:

()

i i i i ii

k k k k kk

−−

=+−x x K Hx

1 11

()

i i iT i i iT i

k kkkkk k

− −−

= +K PH HPH

()

i ii i

k kk k

−

= −P I KH P

1 11 1

() ( ) ()

i i iT i i

k k kk k

− −− −

= +PPH H

By theory I and the UKF mechanism, it obtains

the sequence UKF algorithm as follows:

Calculate sigma points [11]:

,1 ,1

,1 ,1 1

( ( ) ) 1, , ,

( ( ) ) 1, , 2 ,

ik ik

ik ik k i

ik ik k i L

L iL

L iL L

−−

−− −

− − −−

= =



=++ =



=−+ =+





χx

χx P



Tim

e-update:

/1 1

f( )

kk k−−

=χχ

2()

/1 ,/1

kk i ikk

−−

∑

xχ

2()

/1 ,/1 |1 ,/1 /1

( )( )

ncT

kk i ikk kk ikk kk k

− −− − −

= − −+

∑

Pχxχx Q

/1 /1

( 1, 2, , )

i ii

kk k kk

z im

−−

= =Hx 

Measurement-update:

4. Sequence UKF Algorithm

WSEAS TRANSACTIONS on COMMUNICATIONS

DOI: 10.37394/23204.2022.21.4

Mehdi Darbandi

E-ISSN: 2224-2864

Volume 21, 2022

0/1k kk−

=PP

0/1k kk−

=xx

()

i i i i ii

k k k k kk

−−

=+−x x K Hx

1 11

()

i i iT i i iT i

k kkkkk k

− −−

= +K PH HPH

()

i ii i

k kk k

−

= −P I KH P

( 1, 2, , )im=

=xx

=PP

Where

() 2

0( ) (1 )

λ λ αβ

= + +− +

( ) ()

1 [2( )]

WW L

= = +

1,2, ,2iL=

Filtering accuracy Analysis:

For system, in order to comparison of RBUKF

and the sequence UKF, it needs to get the

filtering covariance respectively. Firstly, it is to

derived covariance

of RBUKF. By

definition, it calculates covariance

RBUKF as follows:

ˆ ˆ

[( )( ) ]

k kkkk

E=−−P xxxx

Substitute this equation in previous equations

results in [11]:

/1 /1 /1

k kk kk k k k k kk

k k kk k k

−− −

−

=−−

P P P HK KHP

KHP HK

By previous equations, it obtains

,/ 1 ,/ 1

/1 /1

()

k xzk k zzk k

kk k kk k k

−

−−

−

−−

= +

KP P

P HP H R

Substituting these recent equations results in:

/1 /1 /1 /1

1 11

()

k kk kk k k kk k k k kk

kk k k k

−

−− − −

− −−

−

=−+

= +

P P P H HP H R HP

P HR H

By inversing both sides of this equation, it

obtains [11]:

11 1

1/ T

k kk kk k

−− −

−

= +P P HR H

Because of:

[]

T T mT T

k kk k

=H HH H

1 12 1

11 21 1

( ( ))

(( ) ( ) ( ) )

k kk k

kk k

diag R R R

−−

−− −

R



Substituting these recent equations in each

other, and doing matrices multiplication, it gets

11 1

1/ 1

()

k kk kk k

miT i i

kk k k k

−− −

−

−−

−

= +

= + ∑

P P HR H

P HH

Secondly, it calculates the covariance of the

sequence UKF. By the measurement-update

equation, it easily gets

1 11 1

21 1 11 1

01 1 11 1

() ( ) ()

( ) ( )( )

()

( ) ( )( )

m m mT m m

k k kk k

m mT m m

k kk k

mT m m

kk k

miT i i

k kk k

− −− −

− − − −− −

−

− − −− −

= +

= + ∑

PPH H

PH H



Substituting previous equations in this equation

results in the covariance of the sequence UKF

as follows:

11 1

/1 1

( ) ( ) ( )( )

miT i i

k kk k k k

−− −

−

= = + ∑

PP H H

Compare these two recent equations, it can be

seen that the covariance of the sequence UKF

is equal to that of RUKF, which means that the

accuracies of the two filters are the same in

theory [11].

Computational Complexity Analysis:

In the sequence UKF algorithm, because

1i i iT i

kk k k

−+HP H is a scalar, so this algorithm has

successfully converted the inversion of

dimension matrix into

times division. The

computational complexity has been greatly

decreased. In order to compare the

computational complexity between the

sequence UKF and RBUKF, for their time-

update algorithms are the same, here only gives

the comparison results of their measurement-

update algorithms in table I. From this table, it

can be seen that number of calculating times in

RBUKF algorithm contains the third order of

measurement dimension, while the sequence

UKF has only second order component. So

5. Algorithm Performance

Analysis:

WSEAS TRANSACTIONS on COMMUNICATIONS

DOI: 10.37394/23204.2022.21.4

Mehdi Darbandi

E-ISSN: 2224-2864

Volume 21, 2022

when the measurement dimension is large, the

computational cost in the sequence UKF will

be much less [11].

TABLE I

CALCULATION TIMES COMPARISON

Algorith

Num of

×÷

Num of

+−

The

sequence

UKF

(5 1) 2

m n mn

mm m

−+

+ ++

5 ( 4)

mn m m n

+−

RBUKF

44mn mn m++

4mn

In order to show the efficiency of the sequence

UKF, it is applied to an example system in

comparison with the RBUKF. Estimation

performance and computational complexity of

the filters are evaluated with Monte Carlo

simulations [11].

The numerical example considered in this

section is a fifth-order nonlinear model given

by system, with four-dimension measurement.

21,

1, 2, 2, 3,

22,

1, 2, 5,

23,

1, 2, 3,

24,

5, 4, 2,

25,

4, 3, 1,

sin cos 0.5 0.1( )

sin (sin ) 0.1

cos exp( ) 0.1( )

sin cos ( ) 0.5

sin cos ( ) 0.1

kk k k

kk k

k kk

xx x x

xx x

x xx



+− 



+−



+−+



+−



+−





0.1 0.2 0 0 0

0.15 0 0 0 0

0 0 0 0.1 0.5

0 0 10 1

−





=

−





The covariance matrices of

and

are:

0.0001

=QI

0.01

=RI

The initial conditions for the system and the

filters are [11]:

1,0 2,0 3,0 4,0 5,0

0.5xxxxx= = = = =

1,0 2,0 3,0 4,0 5,0

ˆ ˆ ˆ ˆ ˆ 2xxxxx= = = = =

And the initial covariance matrix is chosen as

ˆ100=PI

050 100 150 200 250 300

-1

-0.5

0.5

1.5

t/step

RBUKF

sequence UKF

Fig.1 Comparison of state

050 100 150 200 250 300

0.2

0.4

0.6

0.8

t/step

coraviance P of X5

sequence UKF RBUKF

Fig.2 Comparison covariance of

100

200

300

400

500

600

700

in seq-UKF

in UKF

÷×

in seq-UKF

÷×

in RBUKF

N/times

Fig.3 comparison of computational complexity

For briefness, it only shows the filtering results

of state

. From fig. 1, it can be seen the

filtering accuracy of the sequence UKF is same

with that of RBUKF, but curve of the RBUKF

is more fluctuant than that of the sequence

UKF, which means that the sequence UKF

6. Numerical Simulation:

WSEAS TRANSACTIONS on COMMUNICATIONS

DOI: 10.37394/23204.2022.21.4

Mehdi Darbandi

E-ISSN: 2224-2864

Volume 21, 2022

maybe has a better filtering performance in

actually usage. Fig. 2 is the filtering covariance

of the two filters. It can be seen that the

filtering covariance is almost equal to each

other. Fig. 3 is the comparison of the

computational complexity between the two

filters for the example. It shows that the

number of multiplication and division in the

sequence UKF is much smaller than that in

RBUKF, so is it for the number of addition and

subtraction. It verifies that the computational

complexity of sequence is less than RBUKF.

For the computational cost of RBUKF is less

than traditional UKF, So the sequence UKF

will have great advantage in comparison with

UKF [11].

In this paper, at first authors discuss about

different aspects of cloud computing. They

discuss about literature and principles of this

technology. After that, they highlight the

security of such network and remark this

important factor by the means of several

examples. After that, authors discuss about

security problems of VMware’s and cloud

infrastructures and by purposing new

generation of Kalman filter they attempt to

overcome to this problem. Authors claim that

by using of such algorithm like Kalman filter

(that is based on knowing past and present

states and predict future state according to

them) they can estimate and predict about lots

of important factors and avoid lots of crashes.

[1] Mehdi Darbandi “Applying Kalman

Filtering in solving SSM estimation problem

by the means of EM algorithm with

considering a practical example”; published

by the Journal of Computing – Springer,

2012; USA.

[2] Mehdi Darbandi; “Comparison between

miscellaneous platforms that present for

cloud computing and accreting the security

of these platforms by new filter”; published

by the Journal of Computing – Springer,

2012; USA.

[3] Mehdi Darbandi; “New and novel technique

in designing electromagnetic filter for

eliminating EMI radiations and optimization

performances”; published by the Journal of

Computing - Springer, 2012; USA.

[4] Mehdi Darbandi; “Developing concept of

electromagnetic filter design by considering

new parameters and use of mathematical

analysis”; published by the Journal of

Computing - Springer, 2012; USA.

[5] Mehdi Darbandi; “Is the cloud computing

real or hype Affirmation momentous traits

of this technology by proffering maiden

scenarios”; published by the Journal of

Computing – Springer, 2012; USA.

[6] Mehdi Darbandi; “Measurement and

collation overriding traits of computer

networks and ascertainment consequential

exclusivities of cloud computing by the

means of Bucy filtering”; published by the

Journal of Computing - Springer, 2012;

USA.

[7] Mehdi Darbandi; “Unabridged collation

about multifarious computing methods and

outreaching cloud computing based on

innovative procedure”; published by the

Journal of Computing - Springer, 2012;

USA.

[8] Mehdi Darbandi; “Scrutiny about all

security standards in cloud computing and

present new novel standard for security of

such networks”; published by the Journal of

Computing - Springer, 2012; USA.

[9] Microsoft’s Accessible Technology Vision

and Strategy; September 2011.

[10] MSc. Thesis of Sören Bleikertz; Norwegian

University of Science and Technology; June

2010.

[11] Hui-ping Li, De-min Xu and Fu-bin Zhang ;

“Sequence Unscented Kalman Filtering

Algorithm”.

[12] Mehdi Darbandi; “Appraising the role of

cloud computing in daily life and presenting

new solutions for stabilization of this

technology”; published by the Journal of

Computing - Springer, 2012; USA.

7. Conclusion:

References

Creative Commons Attribution License 4.0

(Attribution 4.0 International, CC BY 4.0)

This article is published under the terms of the Creative

Commons Attribution License 4.0

https://creativecommons.org/licenses/by/4.0/deed.en_US

WSEAS TRANSACTIONS on COMMUNICATIONS

DOI: 10.37394/23204.2022.21.4

Mehdi Darbandi

E-ISSN: 2224-2864

Volume 21, 2022