Hi-index | 0.00 |
In response to a continually advancing threat incurred by untrusted codes from Internet, various virtualization-based technologies have been proposed. Such technologies utilize a software layer, a virtual machine monitor or hyper visor, to achieve the highest privilege in a computer system. Generally, they construct isolated execution environments to run the untrusted code while shielding the other parts of the system from the potential security issues. In this paper, we survey a number of virtualization-based technologies with the goal of finding an appropriate candidate to serve as an untrusted code execution solution on PC platforms. Contenders are reviewed with a number of desirable properties, especially security, transparency portability and performance.