Virtual machines are widely accepted as a promising basis for building secure systems. However, while virtual machines offer effective mechanisms to create isolated environments, mechanisms that offer controlled interaction among VMs are immature. Some VM systems include flexible policy models and some enable multilevel security (MLS) enforcement, but the flexible use of policy to control VM interactions has not been developed. In this paper, we propose an architecture that enables administrators to configure virtual machines to satisfy prescribed security goals. We describe the design and implementation of such an architecture using SELinux, Xen and IPsec as the tools to express and enforce policies at the OS, VM and network layers, respectively. We develop a web application using our architecture and show that we can configure application VMs in such a way that we can verify the enforcement of the security goals of those applications.