Virtualization Based Secure Execution and Testing Framework

Computer security aims at protecting confidentiality, integrity, and availability of sensitive information that are processed, used, or stored by computing systems. Computer scientists working in the field of computer security have successfully designed and developed software and hardware mechanisms to provide security in modern day computing devices. As compared to hardware security mechanisms, software-only security mechanisms are easy to implement and patch. But software-only security mechanisms cannot ensure protection against hardware-based attacks, thus rendering them vulnerable to such attacks. Hardware mechanism such as secure architectures aim to root the trust of the security solution in the hardware architecture. These security architectures typically deploy security mechanisms like encryption/decryption to protect confidentiality and hashing to protect data integrity. Though the security provided by hardware secure architectures is reliably high, they require modifications to the processor micro-architecture. Any changes to the micro-architecture is an extremely costly and time consuming process. Also, testing these hardware secure architectures is difficult as it requires testing the complete system including hardware, software and applications. Recently, virtualization has emerged to be an efficient and cost effective technology that allows emulating hardware mechanisms. It also enables emulating new hardware features in a virtualized environment. This makes the task of testing security architectures efficient and easy. In this paper, we use a virtualization software to build a Virtualization Based Secure Execution and Testing Framework for testing hardware secure architectures. Our framework provides a mechanism to plug-in secure architectures and monitor or test the system behavior by performing attacks on it.