Hypervisor-based Security Architecture to Protect Web Applications
نویسندگان
چکیده
Web based applications are very common nowadays where almost every software can be accessible through a web browser in one form or the other. This paper proposes techniques to detect different threats related to web applications by using a hypervisorbased security architecture. The proposed architecture leverages the hypervisor’s visibility of the virtual machines’ runtime state and traffic flows for securing the web application. The unique feature of the proposed architecture is that it is capable of doing fine granular detection of web application attacks, i.e. to the specific web page level, and protecting the application against zero-day attacks.
منابع مشابه
Designing Embedded Virtualized Intel(R) Architecture Platforms with the right Embedded Hypervisor
Virtualization is fast becoming a key enabling technology for embedded designs, offering the potential opportunity to consolidate multi-processor designs into a single processor multi-core design, legacy and proprietary embedded software migration and separation for performance and safety critical applications. In this paper, we investigate the various hypervisor software models that exist and ...
متن کاملHardware-Assisted On-Demand Hypervisor Activation for Efficient Security Critical Code Execution on Mobile Devices
As more and more mobile applications need to run security critical codes (SCCs) for secure transactions and critical information handling, the demand for a Trusted Execution Environment (TEE) to ensure safe execution of SCCs is rapidly escalating. Although a number of studies have implemented TEEs using TrustZone or hypervisors and have evinced the effectiveness in terms of security, they face ...
متن کاملsHype: Secure Hypervisor Approach to Trusted Virtualized Systems
We present an operating system independent hypervisor security architecture and its application to control information flow between operating systems sharing a single hardware platform. New computing paradigms -such as Grid computing, On-demand services, or Web Servicesincreasingly depend on the security of the underlying computing infrastructure. A fundamental security problem today is that al...
متن کاملCloud Security Management Model based on mobile agents and web services interaction
Security is one of the most important issue faced by the cloud adoption. Therefore, cloud actors such as customers, provider, business partners, and auditors are asking for major security controls and measures to be set in order to supervise and protect cloud assets and services. In fact, the security management is a very complex task specially in cloud environment because of its multi-layers s...
متن کاملFrom the Open Trusted Computing (OpenTC) research project, sponsored by the European Union. In this issue:- Editorial: Verified compartments to protect users against malware- Private Electronic Transactions- The OpenTC proof-of-concept prototype- Static a
At the beginning of the OpenTC project, many opinions on Trusted Computing (TC) gathered on the Internet in discussion fora and articles were critical of the technology. Some people believed that TC would be used for tracking citizens’ activities, locking computers into proprietary configurations, enforcing unfair business models for content or software provision, and even automatically deletin...
متن کامل