On state of the art in virtual machine security

Conference Proceedings - IEEE SOUTHEASTCON

Volumn , Issue , 2012, Pages

  Chen, Qian ^a   Mehrotra, Rajat ^a   Dubeyy, Abhishek ^b   Abdelwahed, Sherif ^a   Rowland, Krisa ^c  

^a MISSISSIPPI STATE UNIVERSITY   (United States)

^b VANDERBILT UNIVERSITY   (United States)

^c US ARMY ENGINEER RESEARCH AND DEVELOPMENT CENTER   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER HARDWARE; NETWORK SECURITY; VIRTUAL REALITY; VIRTUALIZATION;

COMPUTING RESOURCE; COMPUTING SERVICES; DATA CENTER SERVICES; MULTIPLE OPERATING SYSTEMS; ON STATE; POWER EFFICIENT; SERVICE PROVIDER; STATE OF THE ART; SYSTEM STACKS; VIRTUALIZATIONS;

VIRTUAL MACHINE;

EID: 84861488693     PISSN: 10910050     EISSN: 1558058X     Source Type: Conference Proceeding    
DOI: 10.1109/SECon.2012.6196905     Document Type: Conference Paper

References (38)

1. Siqin Zhao, Kang Chen, and Weimin Zheng. The application of virtual machines on system security. In CHINAGRID '09: Proceedings of the 2009 Fourth ChinaGrid Annual Conference, pages 222-229, Washington, DC, USA, 2009. IEEE Computer Society.
2. D Gracanin and T Williams. A virtual reality based interface to a dynamic resource allocation scheduler, pages 254-258. 1995.
3. J. Kirch. Virtual machine security guidelines. September 2007.
4. Matias Zabaljauregui. Grid operating systems/middlewares and new virtualization techniques. Technical report, New Technologies Research Laboratory, 2009.
5. Jenni Susan Reuben. A survey on virtual machine security. 2007.
6. Java se at a glance. http://www.oracle.com/technetwork/java/javase/ overview/index.html[Nov2011].
7. Hypercall xen wiki. http://wiki.xen.org/xenwiki/hypercall[Nov2011].
8. Michael T. Hoesing. Virtualization security assessment. Information Security Journal: A Global Perspective, 18(3):124-130, 2009.
9. Tavis Ormandy. An empirical study into the security exposure to hosts of hostile virtualized environments. Test, pages 1-10, 2007.
10. Vmware vsphere for enterprise. http://www.vmware.com/products/vsphere/ overview.html[Nov2011].
11. Using vmware: Understanding the virtual switch. http://www. virtualizationadmin.com/articles-tutorials/vmware-esx-and-vsphere-articles/ installation-deployment/vmware-understanding-virtual-switch.html[Jan2012].
12. Vmware vcenter server virtualization management. http://www.vmware.com/ products/vcenter-server/overview.html[Nov2011].
13. S. Zhou. Virtual networking. SIGOPS Oper. Syst. Rev:44:80-85, December 2010.
14. Separation of duties in virtual environments. 2011.
15. Vmware: Vix api blog: What is vix and why does it matter? http://blogs.vmware.com/vix/2008/07/what-is-vix-and.html[Nov2011].
16. Blue pill (software). http://en.wikipedia.org/wiki/Blue Pill (malware) [Nov2011].
17. Jon Oberheide, Evan Cooke, and Farnam Jahanian. Exploiting Live Virtual Machine Migration. In BlackHat DC Briefings, Washington DC, February 2008.
18. Tal Garfinkel and Mendel Rosenblum. When virtual is harder than real: Security challenges in virtual machine based computing environments. In In 10th Workshop on Hot Topics in Operating Systems, 2005.
19. Jinpeng Wei, Xiaolan Zhang, Glenn Ammons, Vasanth Bala, and Peng Ning. Managing security of virtual machine images in a cloud environment. In Proceedings of the 2009 ACM workshop on Cloud computing security, CCSW '09, pages 91-96, New York, NY, USA, 2009. ACM.
20. Introduction to storage area networks. http://www.redbooks.ibm.com/ redbooks/pdfs/sg245470.pdf[Jan2012].
21. iscsi host platforms. http://www.netapp.com/us/products/protocols/ip-san/ [Nov2011].
22. Zhang Xiao and Li Zhanhuai. Research on security of storage area network. In Proceedings of the 3rd international conference on Information security, InfoSecu '04, pages 238-239, New York, NY, USA, 2004. ACM.
23. Paul Barham, Boris Dragovic, Keir Fraser, Steven Hand, Tim Harris, Alex Ho, Rolf Neugebauer, Ian Pratt, and Andrew Warfield. Xen and the art of virtualization. In SOSP '03: Proceedings of the nineteenth ACM symposium on Operating systems principles, pages 164-177, New York, NY, USA, 2003. ACM.
24. Geoffrey Strongin. Trusted computing using amd "pacifica" and "presidio"secure virtual machine technology. Inf. Secur. Tech. Rep., 10:120-132, January 2005.
25. Reiner Sailer, Trent Jaeger, Enriquillo Valdez, Ramon Caceres, Ronald Perez, Stefan Berger, John Linwood Griffin, and Leendert van Doorn. Building a mac-based security architecture for the xen open-source hypervisor. In ACSAC '05: Proceedings of the 21st Annual Computer Security Applications Conference, pages 276-285, Washington, DC, USA, 2005. IEEE Computer Society.
26. Trent Jaeger Ronald Perez Leendert van Doorn John Linwood Griffin Stefan Berger Reiner Sailer, Enriquillo Valdez. shype: Secure hypervisor approach to trusted virtualized systems. Technical report, IBM, 2005.
27. Paul A. Karger. Multi-level security requirements for hypervisors. In ACSAC '05: Proceedings of the 21st Annual Computer Security Applications Conference, pages 267-275, Washington, DC, USA, 2005. IEEE Computer Society.
28. George Coker. Xen security modules (xsm). Xen Summit, pages 1-33, 2006.
29. Wei Han, Yeping He, and Liping Ding. Verifying the safety of xen security modules. Secure Software Integration and Reliability Improvement Companion, IEEE International Conference on, 0:30-34, 2011.
30. C. Chaubal. Security hardening vmware infrastructure 3 (vmware esx 3.5 and vmware virtualcenter 2.5). 2008.
31. Vmware vsphere 4.0 security hardening guide. 2010.
32. Steve Muir, Larry Peterson, Marc Fiuczynski, Justin Cappos, and John Hartman. Proper: Privileged operations in a virtualised system environment. pages 50-56, 2005.
33. Kara Nance, Matt Bishop, and Brian Hay. Virtual machine introspection: Observation or interference. IEEE Security and Privacy, 6:32-37, September 2008.
34. Tal Garfinkel and Mendel Rosenblum. A virtual machine introspection based architecture for intrusion detection. In In Proc. Network and Distributed Systems Security Symposium, pages 191-206, 2003.
35. John McDermott and Leo Freitas. A formal security policy for xenon. In Proceedings of the 6th ACM workshop on Formal methods in security engineering, FMSE '08, pages 43-52, New York, NY, USA, 2008. ACM.
36. Nguyen Anh Quynh and Yoshiyasu Takefuji. A real-time integrity monitor for xen virtual machine. Networking and Services, International conference on, 0:90, 2006.
37. Nguyen Anh Quynh and Yoshiyasui Takefuji. A novel approach for a file-system integrity monitor tool of xen virtual machine. In Proceedings of the 2nd ACM symposium on Information, computer and communications security, ASIACCS '07, pages 194-202, New York, NY, USA, 2007. ACM.
38. Bryan D. Payne, Ron Perez, Reiner Sailer, Wenke Lee, and Ramon Caceres. A layered approach to simplified access control in virtualized systems. Operating Systems Review, 41, 2007.