A two-step execution mechanism for thin secure hypervisors

Proceedings - 2009 3rd International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2009

Volumn , Issue , 2009, Pages 129-135

  Hirano, Manabu ^a   Shinagawa, Takahiro ^b   Eiraku, Hideki ^b   Hasegawa, Shoichi ^b   Omote, Kazumasa ^b   Tanimoto, Koichi ^b   Horie, Takashi ^b   Mune, Seiji ^b   Kato, Kazuhiko ^b   Okuda, Takeshi ^c   Kawai, Eiji ^c   Yamaguchi, Suguru ^c  

^a TOYOTA NATIONAL COLLEGE OF TECHNOLOGY   (Japan)

^b UNIVERSITY OF TSUKUBA   (Japan)

^c NARA INSTITUTE OF SCIENCE AND TECHNOLOGY   (Japan)

Author keywords

[No Author keywords available]

Indexed keywords

HYPERVISOR; LINES OF CODE; MEASUREMENT RESULTS; OPERATING SYSTEMS; PROTOTYPE IMPLEMENTATIONS; RUNTIMES; SECURITY SERVICES; SECURITY VULNERABILITIES; TRUSTED COMPUTING BASE; VIRTUAL MACHINE MONITORS;

COMPUTER OPERATING SYSTEMS; SOFTWARE PROTOTYPING;

SECURITY OF DATA;

EID: 70449466613     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/SECURWARE.2009.27     Document Type: Conference Paper

References (22)

1. L. Seawright and R. MacKinnon. VM/370 - a study of multiplicity and usefulness. IBM Systems Journal, pages 4-17, 1979.
2. Stuart E. Madnick and John J. Donovan. Application and analysis of the virtual machine approach to information system security and isolation, Proceedings of the workshop on virtual computer systems. In ACM Press, pages 210-224, 1973.
3. DEPARTMENT OF DEFENSE STANDARD. Epartment of defense trusted computer system evaluation criteria. DoD 5200.28-STD, Dec 1998.
4. Meushaw, R. and D. Simard. NetTop: Commercial Technology in High Assurance Applications. In National Security Agency Tech Trend Notes, 2000.
5. Tal Garfinkel, Ben Pfaff, Jim Chow, Mendel Rosenblum, Dan Boneh. Terra: a virtual machine-based platform for trusted computing. In Proceedings of the ACM Symposium on Operating Systems Principles, pages 193-206, 2003.
6. Reiner Sailer, Trent Jaeger, Enriquillo Valdez, Ramon Caceres, Ronald Perez, Stefan Berger, John Linwood Griffin, Leendert van Doorn. Building a MAC-Based Security Architecture for the Xen Open-Source Hypervisor. In Annual Computer Security Application Conference, pages 276-285, 2005.
7. VMware. http://www.vmware.com/.
8. Paul Barham, Boris Dragovic, Keir Fraser, Steven Hand, Tim Harris, Alex Ho, Rolf Neugebauer, Ian Pratt, and Andrew Warfield. Xen and the art of virtualization. In SOSP '03: Proceedings of the nineteenth ACM symposium on Operating systems principles, pages 164-177, New York, NY, USA, 2003. ACM.
9. Derek Gordon Murray, Grzegorz Milos, and Steven Hand. Improving Xen security through disaggregation. In VEE '08: Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments, pages 151-160, New York, NY, USA, 2008. ACM.
10. VMware. VMware ESX Server Virtual Infrastructure Node Evaluators Guide, 2005. http://www.vmware.com/pdf/esx vin eval.pdf.
11. Lenin Singaravelu, Calton Pu, Hermann Härtig, and Christian Helmuth. Reducing TCB complexity for security-sensitive applications: three case studies. In EuroSys '06: Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006, pages 161-174, New York, NY, USA, 2006. ACM.
12. Arvind Seshadri, Mark Luk, Ning Qu, and Adrian Perrig. SecVisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity OSes. In SOSP '07: Proceedings of twenty-first ACMSIGOPS symposium on Operating systems principles, pages 335-350, New York, NY, USA, 2007. ACM.
13. Lei Xia, Jack Lange, and Peter A. Dinda. Towards Virtual Passthrough I/O on Commodity Devices. In Muli Ben-Yehuda, Alan L. Cox, and Scott Rixner, editors, Workshop on I/O Virtualization. USENIX Association, 2008.
14. Takahiro Shinagawa, Hideki Eiraku, Kouichi Tanimoto, Kazumasa Omote, Shoichi Hasegawa, Takashi Horie, Manabu Hirano, Kenichi Kourai, Yoshihiro Oyama, Eiji Kawai, Kenji Kono, Shigeru Chiba, Yasushi Shinjo, and Kazuhiko Kato. BitVisor: A Thin Hypervisor for Enforcing I/O Device Security. In Proc. the 2009 ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, March 2009.
15. Manabu Hirano, Takeshi Okuda, Eiji Kawai and Suguru Yamaguchi. Design and Implementation of a Portable IDManagement Framework for a Secure Virtual Machine Monitor. Journal of Information Assurance and Security (JIAS), Dynamic Publishers, 2:211-216, 2007.
16. Manabu Hirano, Takahiro Shinagawa, Hideki Eiraku, Shoichi Hasegawa, Kazumasa Omote, Koichi Tanimoto, Takashi Horie, Kazuhiko Kato, Takeshi Okuda, Eiji Kawai, and Suguru Yamaguchi. Introducing Role-based Access Control to a Secure Virtual Machine Monitor: Security Policy Enforcement Mechanism for Distributed Computers. In Proc. the IEEE International Workshop on Dependable and Secure Services Computing 2008, Dec. 2008.
17. Intel Corporation. Intel Virtualization Technology Specification for the IA-32 Intel Architecture, April 2005.
18. Andy Pfiffer. Reducing System Reboot Time with kexec. http://developer.osdl.org/.
19. David A. Wheeler. SLOCCount. http://www.dwheeler.com/sloccount/.
20. RSA Laboratories. PKCS #11: Cryptographic Token Interface Standard v2.20, 2001.
21. PC/SC Workgroup. PC/SC Workgroup Specifications 2.01.5, 2008.
22. Intel Corporation. Intel Trusted Execution Technology Software Development Guide, 2008.