Secure-Turtles: Building a Secure Execution Environment for Guest VMs on Turtles System
Abstract
We propose Secure-Turtles, a secure nested virtual system based on the Turtles system, which provides a secure execution environment for the L2 guest VM. In particular, the Secure-Turtles system builds a trust chain from the L0 host hypervisor through the L1 guest hypervisor and the qemu-kvm daemon to the L2 guest VM. Through this security chain, Secure-Turtles can protect the L2 guest VM against attacks from the L1 user mode, even when the attacker has the root privilege of the L1 guest hypervisor. Our goal is to enable Secure-Turtles to rule out known classes of vulnerabilities from the L1 user. We propose four general requirements that Secure-Turtles must satisfy to achieve this goal, and list sixteen basic properties for the Secure-Turtles system to achieve. With these properties, the proposed four requirements can be guaranteed. We rely on memory virtualization to build Secure-Turtles and implement a prototype based on Turtles. We evaluate the prototype using two metrics: security and performance. The security evaluation shows that Secure-Turtles can protect the L2 guest VM from attacks from the L1 user mode. The performance evaluation shows that Secure-Turtles introduces little performance overhead to the L2 guest VM compared with the Turtles system.
Journal title:
- JCP
Volume 9, Issue
Pages -
Publication date 2014