Architectural support for hypervisor-secure virtualization
ASPLOS XVII Proceedings of the seventeenth international conference on Architectural Support for Programming Languages and Operating Systems
Hardware-enhanced access control for cloud computing
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Security Verification of Hardware-enabled Attestation Protocols
MICROW '12 Proceedings of the 2012 45th Annual IEEE/ACM International Symposium on Microarchitecture Workshops
Computer Standards & Interfaces
| Hi-index | 0.00 |
Cloud computing, enabled by virtualization technologies, is becoming a mainstream computing model. Many companies are starting to utilize the infrastructure-as-a-service (IaaS) cloud computing model, leasing guest virtual machines (VMs) from the infrastructure providers for economic reasons: to reduce their operating costs and to increase the flexibility of their own infrastructures. Yet, many companies may be hesitant to move to cloud computing due to security concerns. An integral part of any virtualization technology is the all-powerful hyper visor. A hyper visor is a system management software layer which can access all resources of the platform. Much research has been done on using hyper visors to monitor guest VMs for malicious code and on hardening hyper visors to make them more secure. There is, however, another threat which has not been addressed by researchers--that of compromised or malicious hyper visors that can extract sensitive or confidential data from guest VMs. Consequently, we propose that a new research direction needs to be undertaken to tackle this threat. We further propose that new hardware mechanisms in the multi core microprocessors are a viable way of providing protections for the guest VMs from the hyper visor, while still allowing the hyper visor to flexibly manage the resources of the physical platform.