Building a secure computer system
Building a secure computer system
The performance of μ-kernel-based systems
Proceedings of the sixteenth ACM symposium on Operating systems principles
Interface and execution models in the Fluke kernel
OSDI '99 Proceedings of the third symposium on Operating systems design and implementation
Security Mechanisms in High-Level Network Protocols
ACM Computing Surveys (CSUR)
Xen and the art of virtualization
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Terra: a virtual machine-based platform for trusted computing
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Improving the reliability of commodity operating systems
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Scale and performance in the Denali isolation kernel
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Security architectures revisited
EW 10 Proceedings of the 10th workshop on ACM SIGOPS European workshop
Are virtual-machine monitors microkernels done right?
ACM SIGOPS Operating Systems Review
Privacy-enhanced superdistribution of layered content with trusted access control
Proceedings of the ACM workshop on Digital rights management
Reducing TCB complexity for security-sensitive applications: three case studies
Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006
Towards trustworthy computing systems: taking microkernels to the next level
ACM SIGOPS Operating Systems Review
Splitting interfaces: making trust between applications and operating systems configurable
OSDI '06 Proceedings of the 7th symposium on Operating systems design and implementation
Using hypervisor to provide data secrecy for user applications on a per-page basis
Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Improving Xen security through disaggregation
Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
VPFS: building a virtual private file system with a small trusted computing base
Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
Privilege separation made easy: trusting small libraries not big processes
Proceedings of the 1st European Workshop on System Security
The role of virtualization in embedded systems
Proceedings of the 1st workshop on Isolation and integration in embedded systems
Virtual machines jailed: virtualization in systems with small trusted computing bases
Proceedings of the 1st EuroSys Workshop on Virtualization Technology for Dependable Systems
seL4: formal verification of an OS kernel
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
The OKL4 microvisor: convergence point of microkernels and hypervisors
Proceedings of the first ACM asia-pacific workshop on Workshop on systems
Separating hypervisor trusted computing base supported by hardware
Proceedings of the fifth ACM workshop on Scalable trusted computing
CUDACS: securing the cloud with CUDA-enabled secure virtualization
ICICS'10 Proceedings of the 12th international conference on Information and communications security
Secure virtualization for cloud computing
Journal of Network and Computer Applications
jVPFS: adding robustness to a secure stacked file system with untrusted local storage components
USENIXATC'11 Proceedings of the 2011 USENIX conference on USENIX annual technical conference
Breaking up is hard to do: security and functionality in a commodity hypervisor
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Delusional boot: securing hypervisors without massive re-engineering
Proceedings of the 7th ACM european conference on Computer Systems
Trusted integrity measurement and reporting for virtualized platforms
INTRUST'09 Proceedings of the First international conference on Trusted Systems
A comparison of secure multi-tenancy architectures for filesystem storage clouds
Middleware'11 Proceedings of the 12th ACM/IFIP/USENIX international conference on Middleware
Current Techniques and Future Trends in ES's Virtualization
Software—Practice & Experience
A comparison of secure multi-tenancy architectures for filesystem storage clouds
Proceedings of the 12th International Middleware Conference
Towards a verified component platform
Proceedings of the Seventh Workshop on Programming Languages and Operating Systems
Comprehensive formal verification of an OS microkernel
ACM Transactions on Computer Systems (TOCS)
| Hi-index | 0.00 |
Secure systems are best built on top of a small trusted operating system: The smaller the operating system, the easier it can be assured or verified for correctness.In this paper, we oppose the view that virtual-machine monitors (VMMs) are the smallest systems that provide secure isolation because they have been specifically designed to provide little more than this property. The problem with this assertion is that VMMs typically do not support interprocess communication, complicating the use of untrusted components inside a secure systems.We propose extending traditional VMMs with features for secure message passing and memory sharing to enable the use of untrusted components in secure systems. We argue that moving system components out of the TCB into the untrusted part of the system and communicating with them using IPC reduces the overall size of the TCB.We argue that many secure applications can make use of untrusted components through trusted wrappers without risking security properties such as confidentiality and integrity.