Multi-level virtual desktop security enhancement technology based on docker and X server
Authors: 
Guangqiang Luan, Yuebin Bai, Chao Yu, Xudong Zhang, Rui Wang, Longshe HuoAuthors Info & Claims
Pages 163 - 168
Abstract
With the development of virtualization technology, desktop virtualization is becoming more and more mature. Desktop virtualization can effectively isolate the use of users and the management of the system, but in the access to virtual desktops, its security has become a key factor which can't be ignored. In this paper, we propose a set of technologies that enhance the security of virtual desktops and can effectively secure virtual desktops from multiple levels. We improve the spice protocol and implement the multi-level access mechanism of users and virtual desktops. The Docker technology is used to implement the isolation of the communication, storage and network between the virtual desktop processes. Based on the X server mechanism, we isolate the virtual desktop client from GUI Level. The experimental results have shown the effects from various aspects, as well as differences in performance with the original client.
References
[1]
Desktop virtualization, https://en.wikipedia.org/wiki/Desktop_virtualization.
[2]
N. Bila, E. J. Wright, E. D. Lara, et al. 2015. Energy-Oriented Partial Desktop Virtual Machine Migration{J}. ACM Transactions on Computer Systems. 33(1).
[3]
H. Lee, J. Lee. 2010. Design for management software of desktop virtualization solutions{C}// 2010 International Conference on Information and Communication Technology Convergence. 531--532.
[4]
J. Cito, G. Schermann, J. E. Wittern, P. Leitner, S. Zumberi, H. C. Gall. 2017. An empirical analysis of the docker container ecosystem on GitHub{C}// Proceedings of the 14<sup>th</sup> International Conference on Mining Software Repositories. 323--333.
[5]
J. E. Baldeschwieler, T. Gutekunst, B. Plattner. 1993. A survey of X protocol multiplexors{J}. ACM SIGCOMM Computer Communication Review. 23(2).
[6]
Y. Liu, H. Zhang, J. Ma, Y. Xiao. 2014. Designing of authentication protocol for multi-level security virtual desktops{C}// International Conference on Cloud Computing and Intelligence Systems. 465--469.
[7]
J. Lin, C. Lee, C. Yen, S. Hsu, C. Hsieh, C.Lin. 2013. A Dynamic Network Access Control Mechanism for Virtual Desktop Environment{C}// 2013 15<sup>th</sup> Asia-Pacific Network Operations and Management Symposium. 1--3.
[8]
I. Alobaidan, M. Mackay, P. Tso. 2016. Build Trust in the Cloud Computing - isolation in Container Based Virtualization{C}// 2016 9<sup>th</sup> International Conference on Developments in eSystems Engineering. 143--148.
[9]
Z. Li, M. Kihl, Q. Lu, J. A. Andersson. 2017. Performance Overhead Comparison between Hypervisor and Container based Virtualization{C}// 2017 IEEE 31<sup>st</sup> International Conference on Advanced Information Networking and Applications. 955--962.
[10]
K. Muller, M. Pegah. 2007. Virtualization. Virtually at the Desktop{C}// Proceedings of the 35<sup>th</sup> annual ACM SIGUCCS fall conference.
[11]
H. Rahman, F. Azzedin, A. Shawahna, F. Sajjad, A. S. Abdulrahman. 2016. Performance evaluation of VDI environment{C}// 2016 Sixth International Conference on Innovative Computing Technology. 104--109.
[12]
R. Komatsu, S. Kuribayashi. 2014. Impact of Network Quality Deterioration on User's Perceived Operability in Remote Desktop Environments{C}// International Conference on Network-Based Information Systems. 540--544.
[13]
SPICE(protocol), https://en.wikipedia.org/wiki/SPICE_(protocol).
[14]
R. Dua, A.R. Raja, D. Kakadia. 2014. Virtualization vs Containerization to Support PaaS{C}// International Conference on Cloud Engineering. 610--614.
Index Terms
- Multi-level virtual desktop security enhancement technology based on docker and X server
Recommendations
Virtual machines for enterprise desktop security
AbstractA virtual machine monitor (VMM) allows a single computer to run two or more operating systems at the same time. VMMs are relatively simple and are typically built to high assurance standards, which means that the quality of isolation ...
A performance comparison of linux containers and virtual machines using Docker and KVM
AbstractVirtualization is a foundational element of cloud computing. Since cloud computing is slower than a native system, this study analyzes ways to improve performance. We compared the performance of Docker and Kernel-based virtual machine (KVM). KVM ...
Research on technology of desktop virtualization based on SPICE protocol and its improvement solutions
Increasingly mature cloud computing technology promotes virtual desktop technology, which can solve many problems existing in traditional computing models. However, virtual desktop solutions introduce the thorny problem of how to deliver a real desktop ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
Copyright © 2018 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 20 April 2018
Check for updates
Author Tags
Qualifiers
- Research-article
Conference
ICGDA '18
ICGDA '18: 2018 the International Conference on Geoinformatics and Data Analysis, ICGDA '18
April 20 - 22, 2018
Prague, Czech Republic
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 142Total Downloads
- Downloads (Last 12 months)3
- Downloads (Last 6 weeks)0
Reflects downloads up to 23 Nov 2024
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in