Secure VM Migration in Tactical Cloudlets
Tactical cloudlets are forward-deployed, discoverable, virtual-machine-based servers that can be hosted on vehicles or other platforms to provide a computation offload and data staging infrastructure for mobile devices in the field. Because of the mobility of cloudlets in the field, as well as dynamic missions, a mobile user of a cloudlet might need to migrate active capabilities (computation and data) to another trusted cloudlet. A common solution for establishing trust between two nodes is to create and share credentials in advance, and then use a third-party, online trusted authority to validate the credentials of the nodes. However, the characteristics of tactical environments do not consistently provide access to that third-party authority or certificate repository because they are DIL environments (disconnected, intermittent, limited). The goal of this paper is to present a solution for secure VM migration between tactical cloudlets based on secure key generation and exchange in the field. This paper was published as part of the MILCOM 2017 - 2017 IEEE Military Communications Conference (MILCOM).