When Virtual Is Better Than Real
HOTOS '01 Proceedings of the Eighth Workshop on Hot Topics in Operating Systems
Xen and the art of virtualization
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Terra: a virtual machine-based platform for trusted computing
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Memory resource management in VMware ESX server
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementation
ReVirt: enabling intrusion analysis through virtual-machine logging and replay
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementation
Building a MAC-Based Security Architecture for the Xen Open-Source Hypervisor
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Model-based intrusion detection system design and evaluation
Model-based intrusion detection system design and evaluation
Live migration of virtual machines
NSDI'05 Proceedings of the 2nd conference on Symposium on Networked Systems Design & Implementation - Volume 2
Unmodified device driver reuse and improved system dependability via virtual machines
OSDI'04 Proceedings of the 6th conference on Symposium on Operating Systems Design & Implementation - Volume 6
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
vTPM: virtualizing the trusted platform module
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
SecVisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity OSes
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Improving Xen security through disaggregation
Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
OSLO: improving the security of trusted computing
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Lares: An Architecture for Secure Active Monitoring Using Virtualization
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
Property-Based TPM Virtualization
ISC '08 Proceedings of the 11th international conference on Information Security
Tamper-Resistant, Application-Aware Blocking of Malicious Network Connections
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
Hypervisor support for identifying covertly executing binaries
SS'08 Proceedings of the 17th conference on Security symposium
seL4: formal verification of an OS kernel
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
Cloud security is not (just) virtualization security: a short paper
Proceedings of the 2009 ACM workshop on Cloud computing security
Property Based Attestation and Trusted Computing: Analysis and Challenges
NSS '09 Proceedings of the 2009 Third International Conference on Network and System Security
NOVA: a microhypervisor-based secure virtualization architecture
Proceedings of the 5th European conference on Computer systems
TrustVisor: Efficient TCB Reduction and Attestation
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
HyperSafe: A Lightweight Approach to Provide Lifetime Hypervisor Control-Flow Integrity
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
Computer meteorology: monitoring compute clouds
HotOS'09 Proceedings of the 12th conference on Hot topics in operating systems
Seeding clouds with trust anchors
Proceedings of the 2010 ACM workshop on Cloud computing security workshop
The turtles project: design and implementation of nested virtualization
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Detecting Kernel-Level Rootkits Using Data Structure Invariants
IEEE Transactions on Dependable and Secure Computing
Breaking up is hard to do: security and functionality in a commodity hypervisor
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Logical attestation: an authorization architecture for trustworthy computing
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Eliminating the hypervisor attack surface for a more secure cloud
Proceedings of the 18th ACM conference on Computer and communications security
Recursive virtual machines for advanced security mechanisms
DSNW '11 Proceedings of the 2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks Workshops
Enabling secure VM-vTPM migration in private clouds
Proceedings of the 27th Annual Computer Security Applications Conference
The Xen-Blanket: virtualize once, run everywhere
Proceedings of the 7th ACM european conference on Computer Systems
HotCloud'11 Proceedings of the 3rd USENIX conference on Hot topics in cloud computing
Policy-sealed data: a new abstraction for building trusted cloud services
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Verifying system integrity by proxy
TRUST'12 Proceedings of the 5th international conference on Trust and Trustworthy Computing
Trusted VM snapshots in untrusted cloud infrastructures
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
Towards a richer model of cloud app markets
Proceedings of the 2012 ACM Workshop on Cloud computing security workshop
Verifying cloud services: present and future
ACM SIGOPS Operating Systems Review
MyCloud: supporting user-configured privacy protection in cloud computing
Proceedings of the 29th Annual Computer Security Applications Conference
Client-controlled cryptography-as-a-service in the cloud
ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
Modern cloud computing infrastructures use virtual machine monitors (VMMs) that often include a large and complex administrative domain with privileges to inspect client VM state. Attacks against or misuse of the administrative domain can compromise client security and privacy. Moreover, these VMMs provide clients inflexible control over their own VMs, as a result of which clients have to rely on the cloud provider to deploy useful services, such as VM introspection-based security tools. We introduce a new self-service cloud (SSC) computing model that addresses these two shortcomings. SSC splits administrative privileges between a system-wide domain and per-client administrative domains. Each client can manage and perform privileged system tasks on its own VMs, thereby providing flexibility. The system-wide administrative domain cannot inspect the code, data or computation of client VMs, thereby ensuring security and privacy. SSC also allows providers and clients to establish mutually trusted services that can check regulatory compliance while respecting client privacy. We have implemented SSC by modifying the Xen hypervisor. We demonstrate its utility by building user domains to perform privileged tasks such as memory introspection, storage intrusion detection, and anomaly detection.