Architectural support for secure virtualization under a vulnerable hypervisor

Proceedings of the Annual International Symposium on Microarchitecture, MICRO

Volumn , Issue , 2011, Pages 272-283

  Jin, Seongwook ^a   Ahn, Jeongseob ^a   Cha, Sanghoon ^a   Huh, Jaehyuk ^a  

^a Korea Advanced Institute of Science and Technology (KAIST)   (South Korea)

Author keywords

[No Author keywords available]

Indexed keywords

ARCHITECTURAL SUPPORT; CLOUD SYSTEMS; COMPUTING MODEL; FULL CONTROL; HARDWARE COST; HARDWARE MECHANISM; HARDWARE RESOURCES; HARDWARE SUPPORTS; HYPERVISOR; MEMORY ISOLATION; MEMORY PAGES; MEMORY VIRTUALIZATION; PAGE TABLE; PHYSICAL MEMORY; PHYSICAL SYSTEMS; RESOURCE MANAGEMENT; VIRTUAL MACHINES; VIRTUALIZATIONS;

CLOUD COMPUTING; VIRTUAL REALITY;

HARDWARE;

EID: 84858790227     PISSN: 10724451     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2155620.2155652     Document Type: Conference Paper

References (51)

1. Advanced Micro Devices. AMD I/O Virtualization Technology (IOMMU) Specification, 2009.
2. Advanced Micro Dvices. Secure Virtual Machines Architecture Reference Manual, 2005.
3. Advanced Micro Dvices. AMD64 Architecture Programmer's Mannual: Volume 2: System Programming, 2007.
4. Advanced Micro Dvices. AMD-V Nested Paging, 2008.
5. Amazon Elastic Compute Cloud (Amazon EC2). http://aws.amazon.com/ec2, 2008.
6. R. Anderson and M. Kuhn. Low Cost Attacks on Tamper Resistant Devices. In Security Protocols: 5th International Workshop, LNCS, pages 125-136, 1997.
7. A. M. Azab, P. Ning, E. C. Sezer, and X. Zhang. HIMA: A Hypervisor-Based Integrity Measurement Agent. In Proceedings of the 2009 Annual Computer Security Applications Conference, ACSAC 2009, pages 461-470.
8. A. M. Azab, P. Ning, Z. Wang, X. Jiang, X. Zhang, and N. C. Skalsky. HyperSentry: enabling stealthy in-context measurement of hypervisor integrity. In Proceedings of th 17th ACM Conference on Computer and Communications Security, CCS 2010, pages 38-49.
9. D. J. Bernstein. Cache-timing attacks on AES. Technical report, 2005.
10. D. Champagne and R. B. Lee. Scalable Architectural Support for Trusted Software. In Proceedings of the 16th IEEE International Symposium on High-Performance Computer Architecture, HPCA 2010, pages 1-12.
11. X. Chen, T. Garfinkel, E. C. Lewis, P. Subrahmanyam, C. A. Waldspurger, D. Boneh, J. Dwoskin, and D. R. K. Ports. Overshadow: a Virtualization-based Approach to Retrofitting Protection in Commodity Operating Systems. In Proceedings of the 13th International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS 2008, pages 2-13.
12. A. R. Chunxiao Li and N. K. Jha. Secure Virtual Machine Execution under an Untrusted Management OS. In In Proceedings of 2010 IEEE 3rd International Conference on Cloud Computing (CLOUD), CLOUD 2010, pages 172-179.
13. H. C. Fengzhe Zhang, Jin Chen and B. Zang. CloudVisor: Retrofitting Protection of Virtual Machines in Multi-tenant Cloud with Nested Virtualization. In To Appear the 23rd ACM Symposium on Operating Systems Principles, SOSP 2011.
14. T. Garfinkel, B. Pfaff, J. Chow, M. Rosenblum, and D. Boneh. Terra: A virtual machine-based platform for trusted computing. In Proceedings of the 19th ACM Symposium on Operating Systems Principles, SOSP 2003, pages 193-206.
15. D. Gupta, S. Lee, M. Vrable, S. Savage, A. C. Snoeren, G. Varghese, G. M. Voelker, and A. Vahdat. Difference Engine: Harnessing Memory Redundancy in Virtual Machines. In Proceedings of the 8th USENIX conference on Operating systems design and implementation, OSDI'08, pages 309-322, 2008.
16. M. A. Halcrow. eCryptfs: An Enterprise-class Cryptographic Filesystem for Linux. In Proceedings of the Linux Symposium, Linux 05, pages 201-218.
17. J. A. Halderman, S. D. Schoen, N. Heninger, W. Clarkson, W. Paul, J. A. Calandrino, A. J. Feldman, J. Appelbaum, and E. W. Felten. Lest We Remember: Cold-boot Attacks on Encryption Keys. Commun. ACM, 52:91-98, May 2009.
18. Intel. Intel Virtualization Technology for Directed I/O, 2011.
19. Intel Corporation. Intel Advanced Encryption Standard (AES) Instruction Set, 2011.
20. T. Jaeger, R. Sailer, and U. Shankar. PRIMA: policy-reduced integrity measurement architecture. In Proceedings of the 11th ACM Symposium on Access Control Models and Technologies, SACMAT 2006, pages 19-28.
21. S. Jin and J. Huh. Secure MMU: Architectural Support for Memory Isolation among Virtual Machines. In Proceedings of the 7th Workshop on Hot Topics in System Dependability, HotDep 2011.
22. E. Keller, J. Szefer, J. Rexford, and R. B. Lee. NoHype: virtualized cloud infrastructure without the virtualization. In Proceedings of the 37th annual international symposium on Computer architecture, ISCA 2010, pages 350-361.
23. G. H. Kim and E. H. Spafford. The Design and Implementation of Tripwire: a File System Integrity Checker. In Proceedings of the 2nd ACM Conference on Computer and communications security, CCS 1994, pages 18-29.
24. R. B. Lee, P. C. S. Kwan, J. P. McGregor, J. Dwoskin, and Z. Wang. Architecture for Protecting Critical Secrets in Microprocessors. In Proceedings of the 32nd annual international symposium on Computer Architecture, ISCA 2005, pages 2-13.
25. D. Lie, C. A. Thekkath, and M. Horowitz. Implementing an Untrusted Operating System on Trusted Hardware. In Proceedings of the nineteenth ACM symposium on Operating systems principles, pages 178-192, 2003.
26. D. Lie, C. A. Thekkath, M. Mitchell, P. Lincoln, D. Boneh, J. C. Mitchell, and M. Horowitz. Architectural Support for Copy and Tamper Resistant Software. In Proceedings of the ninth international conference on Architectural support for programming languages and operating systems, ASPLOS 2000, pages 168-177.
27. J. M. McCune, Y. Li, N. Qu, Z. Zhou, A. Datta, V. D. Gligor, and A. Perrig. TrustVisor: Efficient TCB Reduction and Attestation. In Proceedings of the 2010 IEEE Symposium on Security and Privacy, S&P 2010, pages 143-158.
28. R. C. Merkle. Protocols for Public Key Cryptosystems. In Proceedings of the 1980 IEEE Symposium on Security and Privacy, S&P 1980, pages 122-134.
29. G. Miłós, D. G. Murray, S. Hand, and M. A. Fetterman. Satori: Enlightened Page Sharing. In Proceedings of the 2009 conference on USENIX Annual technical conference, USENIX'09, 2009.
30. D. G. Murray, G. Milos, and S. Hand. Improving Xen Security through Disaggregation. In Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments, VEE 2008, pages 151-160.
31. G. Neiger, A. Santoni, F. Leung, D. Rodger, and R. Uhlig. Intel Virtualization Technology: Hardware Support for Effcient Processor Virtualization. Intel Technology Journal, 10(03):167-178, 2006.
32. D. A. Osvik, A. Shamir, and E. Tromer. Cache Attacks and Countermeasures: the Case of AES. In RSA Conference Cryptographers Track, CT-RSA 2006, pages 1-20, 2005.
33. D. Page. Defending against cache-based side-channel attacks. Information Security Technical Report, 8:30-44, March 2003.
34. A. G. Pennington, J. L. Griffin, J. S. Bucy, J. D. Strunk, and G. R. Ganger. Storage-Based Intrusion Detection. ACM Transactions on Information and System Security, 36(7):18-29, 2003.
35. RUBiS Benchmark. http://rubis.ow2.org, 2008.
36. Secunia Vulnerability Report: VMware ESX Server 4.x. http://secunia.com/ advisories/product/25985/, 2010.
37. Secunia Vulnerability Report: Xen 3.x. http://secunia.com/advisories/ product/15863/, 2010.
38. Security Is Chief Obstacle To Cloud Computing Adoption. http://www.darkreading.com/securityservices/security/perimeter/showArti%cle. jhtml?articleID=221901195, 2009.
39. G. E. Suh, D. Clarke, B. Gassend, M. van Dijk, and S. Devadas. AEGIS: Architecture for Tamper-evident and Tamper-resistant Processing. In Proceedings of the 2003 International Conference on Supercomputing, ICS 2003, pages 160-171.
40. Survey: Cloud Computing "No Hype", But Fear of Security and Cloud Slowing Adoption. http://www.circleid.com/posts/20090226-cloud-computing- hype-security, 2009.
41. R. Ta-Min, L. Litty, and D. Lie. Splitting Interfaces: Making Trust Between Applications and Operating Systems Configurable. In Proceedings of the 7th Symposium on Operating Systems Design and Implementation, pages 279-292.
42. Trusted Platform Module. http://www.trustedcomputinggroup.org/developers/ trusted-platform-module%.
43. VMware ESX and ESXi. http://www.vmware.com/products/vsphere/esxi-and-esx/ index.html, 2010.
44. VolanoMark. http://www.volano.com/benchmark, 2009.
45. C. A. Waldspurger. Memory Resource Management in VMware ESX Server. In Proceedings of the 5th symposium on Operating systems design and implementation, OSDI'02, pages 181-194, New York, NY, USA, 2002. ACM.
46. Z. Wang and X. Jiang. HyperSafe: A Lightweight Approach to Provide Lifetime Hypervisor Control-Flow Integrity. In IEEE Symposium on Security and Privacy, S&P 2010, pages 380-395.
47. Z. Wang and R. B. Lee. New Cache Designs for Thwarting Software Cache-based Side Channel Attacks. ACM SIGARCH Computer Architecture News, 35:494-505, May 2007.
48. Windows Azure Platform. http://www.microsoft.com/windowsazure/, 2010.
49. Xen Hypervisor. http://www.xen.org/, 2010.
50. J. Yang and K. G. Shin. Using Hypervisor to Provide Data Secrecy for User Applications on a Per-Page Basis. In Proceedings of the 4th International Conference on Virtual Execution Environments, VEE 2008, pages 71-80.
51. N. Zeldovich, H. Kannan, M. Dalton, and C. Kozyrakis. Hardware Enforcement of Application Security Policies Using Tagged Memory. In Proceedings of the 8th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2008, pages 225-240.