Hypervisor-based background encryption

Proceedings of the ACM Symposium on Applied Computing

Volumn , Issue , 2012, Pages 1829-1836

  Omote, Yushi ^a   Chubachi, Yosuke ^a   Shinagawa, Takahiro ^b   Kitamura, Tomohiro ^c   Eiraku, Hideki ^c   Matsubara, Katsuya ^c  

^a UNIVERSITY OF TSUKUBA   (Japan)

^b UNIVERSITY OF TOKYO   (Japan)

^c IGEL Co Ltd   (Japan)

Author keywords

encryption; hypervisor

Indexed keywords

DEPLOYMENT COSTS; DISK IMAGES; ENCRYPTION SCHEMES; ENCRYPTION SYSTEM; EXISTING SYSTEMS; HYPERVISOR; PERFORMANCE PENALTIES;

BENCHMARKING;

CRYPTOGRAPHY;

EID: 84863599761     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2245276.2232073     Document Type: Conference Paper

References (34)

1. A. M. Azab, P. Ning, E. C. Sezer, and X. Zhang. Hima: A hypervisor-based integrity measurement agent. In Proceedings of the 2009 Annual Computer Security Applications Conference, ACSAC '09, pages 461-470, 2009.
2. P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris, A. Ho, R. Neugebauer, I. Pratt, and A. Warfield. Xen and the art of virtualization. In Proceedings of the nineteenth ACM symposium on Operating systems principles, SOSP '03, pages 164-177, 2003.
3. F. Bellard. Qemu, a fast and portable dynamic translator. In Proceedings of the annual conference on USENIX Annual Technical Conference, ATEC '05, pages 41-41, 2005.
4. Bill Bose. FDE Performance Comparison Hardware Versus Software Full Drive Encryption, February 2010.
5. BitLocker Drive Encryption. http://windows.microsoft.com/en- US/windows7/products/features/bitlocker.
6. G. Cattaneo, L. Catuogno, A. D. Sorbo, and P. Persiano. The design and implementation of a transparent cryptographic file system for unix. In Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference, pages 199-212, Berkeley, CA, USA, 2001. USENIX Association.
7. CE-Infosys. Compusec release 1.1, January 2003.
8. Citrix XenClient. http://www.citrix.com/xenclient.
9. Crystal Dew World. http://crystalmark.info/.
10. Futuremark Corporation. PCMark Vantage Whitepaper v1.0, November 2007.
11. T. Garfinkel, B. Pfaff, J. Chow, M. Rosenblum, and D. Boneh. Terra: a virtual machine-based platform for trusted computing. In Proceedings of the nineteenth ACM symposium on Operating systems principles, SOSP '03, pages 193-206, 2003.
12. I. Habib. Virtualization with kvm. Linux J., 2008, February 2008.
13. L. Hars. Discryption: Internal Hard-Disk Encryption for Secure Storage. Computer, 40:103-105, 2007.
14. J. P. Hughes and C. J. Feist. Architecture of the secure file system, 2001.
15. X. Jiang, X. Wang, and D. Xu. Stealthy malware detection and monitoring through vmm-based "gout-of-the-box" semantic view reconstruction. ACM Trans. Inf. Syst. Secur., 13:12:1-12:28, March 2010.
16. P. H. Kamp. Gbde-geom based disk encryption. BSDCon 2003, 2003.
17. J. Kong. A practical approach to improve the data privacy of virtual machines. In Proceedings of the 2010 10th IEEE International Conference on Computer and Information Technology, CIT '10, pages 936-941, 2010.
18. C. Laird. Taking a Hard-Line Approach to Encryption. Computer, 40:13-15, 2007.
19. M. Liang and C. wen Chang. Research and design of full disk encryption based on virtual machine. In Computer Science and Information Technology (ICCSIT), 2010 3rd IEEE International Conference, pages 642-646, July 2010.
20. B. LLC. Network Booting: Preboot Execution Environment, Bootstrap Protocol, Netboot, Gpxe, Remote Initial Program Load. Books Nippan, 2010.
21. McAfee. Mcafee endpoint encryption data sheet, 2011.
22. Mike Petullo. Encrypt your root filesystem. Linux Journal, December 2004.
23. Moka5. http://www.moka5.com/.
24. B. D. Payne, M. Carbone, M. Sharif, and W. Lee. Lares: An architecture for secure active monitoring using virtualization. In Proceedings of the 2008 IEEE Symposium on Security and Privacy, pages 233-247, 2008.
25. M. Rezaei, N. Moosavi, H. Nemati, and R. Azmi. Tcvisor: A hypervisor level secure storage. In Internet Technology and Secured Transactions (ICITST), 2010 International Conference, pages 1-9, December 2010.
26. J. Satran, K. Meth, C. Sapuntzakis, M. Chadalapaka, and E. Zeidner. Internet small computer systems interface (iscsi), 2004.
27. A. Seshadri, M. Luk, N. Qu, and A. Perrig. Secvisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity oses. In Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles, SOSP '07, pages 335-350, 2007.
28. T. Shinagawa, H. Eiraku, K. Tanimoto, K. Omote, S. Hasegawa, T. Horie, M. Hirano, K. Kourai, Y. Oyama, E. Kawai, K. Kono, S. Chiba, Y. Shinjo, and K. Kato. Bitvisor: a thin hypervisor for enforcing i/o device security. In Proceedings of the 2009 ACM SIGPLAN/SIGOPS international conference on Virtual execution environments, VEE '09, pages 121-130, 2009.
29. D. Srinivasan, Z. Wang, X. Jiang, and D. Xu. Process out-grafting: an efficient "out-of-vm" approach for fine-grained process execution monitoring. In Proceedings of the 18th ACM conference on Computer and communications security, CCS '11, pages 363-374, New York, NY, USA, 2011. ACM.
30. The Encrypting File System. http://technet.microsoft.com/en-us/library/ cc700811.aspx.
31. TrueCrypt. http://www.truecrypt.org/.
32. VMware ACE. http://www.vmware.com/products/ace/.
33. J. Watson. Virtualbox: bits and bytes masquerading as machines. Linux J., 2008, February 2008.
34. WinMagic. Securedoctm version 5.2 technical specifications, 2011.