|
JAIST Repository >
School of Information Science >
Conference Papers >
Conference Papers >
Please use this identifier to cite or link to this item:
http://hdl.handle.net/10119/9853
|
Title: | A Two-Step Execution Mechanism for Thin Secure Hypervisors |
Authors: | Hirano, Manabu Shinagawa, Takahiro Eiraku, Hideki Hasegawa, Shoichi Omote, Kazumasa Tanimoto, Kouichi Horie, Takashi Mune, Seiji Kato, Kazuhiko Okuda, Takeshi Kawai, Eiji Yamaguchi, Suguru |
Keywords: | VMM |
Issue Date: | 2009-06 |
Publisher: | Institute of Electrical and Electronics Engineers (IEEE) |
Magazine name: | 2009 Third International Conference on Emerging Security Information, Systems and Technologies |
Start page: | 129 |
End page: | 135 |
DOI: | 10.1109/SECURWARE.2009.27 |
Abstract: | Virtual Machine Monitors (VMMs), also called hypervisors,can be used to construct a trusted computing base (TCB) enhancing the security of existing operating systems. The complexity of a VMM-based TCB causes the high risk of security vulnerabilities. Therefore, this paper proposesa two-step execution mechanism to reduce the complexityof a VMM-based TCB. We propose a method to separate aconventional VMM-based TCB into the following two parts:(1) A thin hypervisor with security services and (2) A special guest OS for security preprocessing. A special guestOS performing security tasks can be executed in advance.After shutting down the special guest OS, a hypervisor obtains preprocessing security data and next boots a targetguest OS to be protected. Thus, the proposed two-step execution mechanism can reduce run-time codes of a hypervisor. This paper shows a design, a prototype implementation and measurement results of lines of code using BitVisor, a VMM-based TCB we have developed. |
Rights: | Copyright (C) 2009 IEEE. Reprinted from 2009 Third International Conference on Emerging Security Information, Systems and Technologies, 2009, 129-135. This material is posted here with permission of the IEEE. Such permission of the IEEE does not in any way imply IEEE endorsement of any of JAIST's products or services. Internal or personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution must be obtained from the IEEE by writing to pubs-permissions@ieee.org. By choosing to view this document, you agree to all provisions of the copyright laws protecting it. |
URI: | http://hdl.handle.net/10119/9853 |
Material Type: | publisher |
Appears in Collections: | b11-1. 会議発表論文・発表資料 (Conference Papers)
|
Files in This Item:
File |
Description |
Size | Format |
16563-1.pdf | | 371Kb | Adobe PDF | View/Open |
|
All items in DSpace are protected by copyright, with all rights reserved.
|