JAIST Repository >
School of Information Science >
Conference Papers >
Conference Papers >

Please use this identifier to cite or link to this item: http://hdl.handle.net/10119/9853

Title: A Two-Step Execution Mechanism for Thin Secure Hypervisors
Authors: Hirano, Manabu
Shinagawa, Takahiro
Eiraku, Hideki
Hasegawa, Shoichi
Omote, Kazumasa
Tanimoto, Kouichi
Horie, Takashi
Mune, Seiji
Kato, Kazuhiko
Okuda, Takeshi
Kawai, Eiji
Yamaguchi, Suguru
Keywords: VMM
Issue Date: 2009-06
Publisher: Institute of Electrical and Electronics Engineers (IEEE)
Magazine name: 2009 Third International Conference on Emerging Security Information, Systems and Technologies
Start page: 129
End page: 135
DOI: 10.1109/SECURWARE.2009.27
Abstract: Virtual Machine Monitors (VMMs), also called hypervisors,can be used to construct a trusted computing base (TCB) enhancing the security of existing operating systems. The complexity of a VMM-based TCB causes the high risk of security vulnerabilities. Therefore, this paper proposesa two-step execution mechanism to reduce the complexityof a VMM-based TCB. We propose a method to separate aconventional VMM-based TCB into the following two parts:(1) A thin hypervisor with security services and (2) A special guest OS for security preprocessing. A special guestOS performing security tasks can be executed in advance.After shutting down the special guest OS, a hypervisor obtains preprocessing security data and next boots a targetguest OS to be protected. Thus, the proposed two-step execution mechanism can reduce run-time codes of a hypervisor. This paper shows a design, a prototype implementation and measurement results of lines of code using BitVisor, a VMM-based TCB we have developed.
Rights: Copyright (C) 2009 IEEE. Reprinted from 2009 Third International Conference on Emerging Security Information, Systems and Technologies, 2009, 129-135. This material is posted here with permission of the IEEE. Such permission of the IEEE does not in any way imply IEEE endorsement of any of JAIST's products or services. Internal or personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution must be obtained from the IEEE by writing to pubs-permissions@ieee.org. By choosing to view this document, you agree to all provisions of the copyright laws protecting it.
URI: http://hdl.handle.net/10119/9853
Material Type: publisher
Appears in Collections:b11-1. 会議発表論文・発表資料 (Conference Papers)

Files in This Item:

File Description SizeFormat
16563-1.pdf371KbAdobe PDFView/Open

All items in DSpace are protected by copyright, with all rights reserved.


Contact : Library Information Section, Japan Advanced Institute of Science and Technology