Xen and the art of virtualization
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
vTPM: virtualizing the trusted platform module
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
VICI Virtual Machine Introspection for Cognitive Immunity
ACSAC '08 Proceedings of the 2008 Annual Computer Security Applications Conference
VMGuard: An Integrity Monitoring System for Management Virtual Machines
ICPADS '10 Proceedings of the 2010 IEEE 16th International Conference on Parallel and Distributed Systems
Process Implanting: A New Active Introspection Framework for Virtualization
SRDS '11 Proceedings of the 2011 IEEE 30th International Symposium on Reliable Distributed Systems
| Hi-index | 0.00 |
In this poster, we present TrustDraw, a transparent security extension for the cloud which combines Virtual Machine Introspection (VMI) and Trusted Computing (TC). TrustDraw provides secure storage of critical data like keys or passwords and allows to temporarily insert this data into a running virtual machine (VM) if required. TrustDraw improves security by allowing access to the critical data only if certain previously defined conditions are met. This way, the stealing of critical data by bypassing access permissions based on successfully executed attacks can be mitigated. TrustDraw runs isolated and transparent. No software modifications are required on a target VM. We evaluated an implementation of TrustDraw in a realistic scenario in which it only caused an acceptable run-time delay.