Extended-HyperWall: Hardware support for rollback secure virtualization

Shoundic, S, Chandran P, Krishna P, Reddy V, Jayachandra B, Pande L.  2016.  Extended-HyperWall: Hardware support for rollback secure virtualization, September. 2016 International Conference on Advances in Computing, Communications and Informatics (ICACCI). , Jaipur, India

Date Presented:



"Virtualization is a vital part of computing today. Rollback is an important feature to be supported by virtualization. However, hackers leverage rollback and pose serious security threats to systems running in a virtualized environment. The aim of this paper is to identify such security threats and propose a comprehensive solution. In this paper, we propose Extended-HyperWall architecture as a solution to security of Virtual Machines (VMs) in a fully virtualized environment. Extended-HyperWall architecture is an integration of HyperWall with Rollback Sensitive Data Memory with Architecture Assistance (RSDM-A). HyperWall is a system that proposes hardware support to ensure confidentiality and integrity of a VM's data, with an assumption that hypervisor cannot be trusted. RSDM-A is an architectural support to a virtualized system that separates rollback sensitive data from rollback non-sensitive data which is one of the major causes of threats that arises due to rollback. Extended-HyperWall integrates CIP-table (Confidentiality and Integrity Table to ensure confidentiality and integrity of data) and RSDM-table (Rollback Sensitive Data Memory to protect the system from rollback attacks). The paper illustrates the design of Extended-HyperWall, and its implementation on the Xen Hypervisor kernel for testing and analysis."



Related External Link