Processor virtualization for secure mobile terminals

Authors:
Hiroaki Inoue;Junji Sakai;Masato Edahiro
Affiliations:
NEC Corp., Kanagawa, Japan;NEC Corp., Kanagawa, Japan;NEC Corp., Kanagawa, Japan
Venue:
ACM Transactions on Design Automation of Electronic Systems (TODAES)
Year:
2008

Citing 19
Cited 6

Inside Java 2 platform security architecture, API design, and implementation

Inside Java 2 platform security architecture, API design, and implementation
System Deadlocks

ACM Computing Surveys (CSUR)
Architectural support for copy and tamper resistant software

ASPLOS IX Proceedings of the ninth international conference on Architectural support for programming languages and operating systems
Parallel Computer Architecture: A Hardware/Software Approach

Parallel Computer Architecture: A Hardware/Software Approach
Improving Security Using Extensible Lightweight Static Analysis

IEEE Software
Integrating Flexible Support for Security Policies into the Linux Operating System

Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Virtualizing I/O Devices on VMware Workstation's Hosted Virtual Machine Monitor

Proceedings of the General Track: 2002 USENIX Annual Technical Conference
A Trusted Open Platform

Computer
Xen and the art of virtualization

SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random Functions

Proceedings of the 32nd annual international symposium on Computer Architecture
FIDES: an advanced chip multiprocessor platform for secure next generation mobile terminals

CODES+ISSS '05 Proceedings of the 3rd IEEE/ACM/IFIP international conference on Hardware/software codesign and system synthesis
VIRTUS: a new processor virtualization architecture for security-oriented next-generation mobile terminals

Proceedings of the 43rd annual Design Automation Conference
Advanced virtualization capabilities of POWER5 systems

IBM Journal of Research and Development - POWER5 and packaging
A comparison of software and hardware techniques for x86 virtualization

Proceedings of the 12th international conference on Architectural support for programming languages and operating systems
Methodology for attack on a Java-based PDA

CODES+ISSS '06 Proceedings of the 4th international conference on Hardware/software codesign and system synthesis
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks

SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Transparent run-time defense against stack smashing attacks

ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference
lmbench: portable tools for performance analysis

ATEC '96 Proceedings of the 1996 annual conference on USENIX Annual Technical Conference
A user-mode port of the linux kernel

ALS'00 Proceedings of the 4th annual Linux Showcase & Conference - Volume 4

Dynamic security domain scaling on embedded symmetric multiprocessors

ACM Transactions on Design Automation of Electronic Systems (TODAES)
Hierarchical multi-agent protection system for NoC based MPSoCs

Proceedings of the International Workshop on Security and Dependability for Resource Constrained Embedded Systems
Enhancing network-on-chip components to support security of processing elements

WESS '10 Proceedings of the 5th Workshop on Embedded Systems Security
Composition kernel: a multi-core processor virtualization layer for rich functional smart products

SEUS'10 Proceedings of the 8th IFIP WG 10.2 international conference on Software technologies for embedded and ubiquitous systems
Temporal and spatial isolation in a virtualization layer for multi-core processor based information appliances

Proceedings of the 16th Asia and South Pacific Design Automation Conference
Delivering secure applications on commercial mobile devices: the case for bare metal hypervisors

Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices

Quantified Score

Hi-index	0.00

Visualization

Abstract

We propose a processor virtualization architecture, VIRTUS, to provide a dedicated domain for preinstalled applications and virtualized domains for downloaded native applications. With it, security-oriented next-generation mobile terminals can provide any number of domains for native applications. VIRTUS features three new technologies, namely, VMM asymmetrization, dynamic interdomain communication (IDC), and virtualization-assist logic, and it is first in the world to virtualize an ARM-based multiprocessor. Evaluations have shown that VMM asymmetrization results in significantly less performance degradation and LOC increase than do other VMMs. Further, dynamic IDC overhead is low enough, and virtualization-assist logic can be implemented in a sufficiently small area.