Dr Priya Chandran
Professor, Department of Computer Science and Engineering
CSE 201B. CSED, NIT Calicut, Phone: +914952286800, +914952286804 (email)
CSE 201B. CSED, NIT Calicut, Phone: +914952286800, +914952286804 (email)
"Virtualization is a vital part of computing today. Rollback is an important feature to be supported by virtualization. However, hackers leverage rollback and pose serious security threats to systems running in a virtualized environment. The aim of this paper is to identify such security threats and propose a comprehensive solution. In this paper, we propose Extended-HyperWall architecture as a solution to security of Virtual Machines (VMs) in a fully virtualized environment. Extended-HyperWall architecture is an integration of HyperWall with Rollback Sensitive Data Memory with Architecture Assistance (RSDM-A). HyperWall is a system that proposes hardware support to ensure confidentiality and integrity of a VM's data, with an assumption that hypervisor cannot be trusted. RSDM-A is an architectural support to a virtualized system that separates rollback sensitive data from rollback non-sensitive data which is one of the major causes of threats that arises due to rollback. Extended-HyperWall integrates CIP-table (Confidentiality and Integrity Table to ensure confidentiality and integrity of data) and RSDM-table (Rollback Sensitive Data Memory to protect the system from rollback attacks). The paper illustrates the design of Extended-HyperWall, and its implementation on the Xen Hypervisor kernel for testing and analysis."
n/a