一种基于VT-d技术的虚拟机安全隔离框架研究

doi:10.3969/j.issn.1671-1122.2015.11.002

信息网络安全 ›› 2015, Vol. 15 ›› Issue (11): 7-8.doi: 10.3969/j.issn.1671-1122.2015.11.002

一种基于VT-d技术的虚拟机安全隔离框架研究

杨永娇¹, 严飞^2,³, 于钊^2,³, 张焕国^2,³

1.广东电网有限责任公司信息中心,广东广州 510080
2.武汉大学计算机学院,湖北武汉 430072
3.空天信息安全与可信计算教育部重点实验室,湖北武汉 430072

收稿日期:2015-09-07 出版日期:2015-11-25 发布日期:2015-11-20
作者简介:
作者简介：杨永娇（1990-）,女,贵州,硕士,主要研究方向：信息安全、可信计算;严飞（1980-）,男,湖北,副教授,博士,主要研究方向：信息安全、可信计算;于钊（1991-）,男,河南,硕士研究生,主要研究方向：信息安全、可信计算;张焕国（1945-）,男,河北,博士生导师,教授,主要研究方向：信息安全、可信计算、容错计算。
基金资助:
国家自然科学基金[61272452,61003268, 61173138,91118003,61303024];国家重点基础研究发展计划（国家973计划）[2014CB340600]

Research on VT-d based Virtual Machine Isolation Framework

Yong-jiao YANG¹, Fei YAN^2,³, Zhao YU^2,³, Huan-guo ZHANG^2,³

1. Guangdong Power Grid Co., Ltd., Information Center, Guangzhou Guangdong 510080, China
2.School of Computer, Wuhan University, Wuhan Hubei 430072, China
3.Key Laboratory of Aerospace Information Security and Trusted Computing Ministry of Education, Wuhan University , Wuhan Hubei 430072, China

Received:2015-09-07 Online:2015-11-25 Published:2015-11-20

摘要/Abstract

摘要：

虚拟化技术作为云计算IaaS服务的支撑,能从根本上解决云计算平台上虚拟机面临的安全威胁问题。针对目前云计算虚拟机隔离执行环境在设备I/O和内存访问隔离方面的不足,文章结合基于硬件辅助虚拟化的VT-d技术以及可信计算中虚拟可信平台模块（vTPM）独立域的思想,提出了一个在Xen云平台上的安全隔离框架。该框架中由vTPM独立域对虚拟机内的数据和代码进行加密保护,并基于独立域思想对虚拟机镜像本身加密;使用VT-d技术为虚拟机直接分配网卡设备,并扩展XSM安全模块,增加了虚拟机之间授权表策略控制。实验与分析表明,该框架能够有效确保虚拟机之间的设备I/O及内存访问安全隔离,提升虚拟机隔离环境的安全性,且能较好满足系统运行性能。

关键词: 虚拟化, 可信计算, 隔离, VT-d, 虚拟可信平台模块

Abstract:

As the basis of cloud computing IaaS service, virtualization technology can fundamentally solve the threats that the virtual machines face on the cloud computing platform. In view of the deficiencies of the current cloud computing virtual machine isolation implementation environment in the aspect of device I/O and memory access isolation, this paper presents security isolation framework on a Xen cloud platform, combining the ideal of virtualization technology VT-d with trusted computing independent domain. In the framework, data and code encryption is implemented by vTPM independent domain, which encrypts the VM image. The framework assigns NIC to VM through VT-d technology, and extends the authorization control of grant table mechanism in XSM module. Experiments and analysis show that the framework is able to ensure device I/O and memory access security isolation between the virtual machines effectively, enhance the security of virtual machine isolation environment, and meet the system performances.

Key words: virtualization, trusted computing, isolation, VT-d, vTPM

中图分类号:

TP309

杨永娇, 严飞, 于钊, 张焕国. 一种基于VT-d技术的虚拟机安全隔离框架研究[J]. 信息网络安全, 2015, 15(11): 7-8.

Yong-jiao YANG, Fei YAN, Zhao YU, Huan-guo ZHANG. Research on VT-d based Virtual Machine Isolation Framework[J]. Netinfo Security, 2015, 15(11): 7-8.

图/表 21

图1

图2

图3

图4

图5

图6

图7

图8

图9

图10

图11

图12

图13

图14

图15

图16

图17

图18

图19

图20

图21

参考文献 27

[1]	陈刚. 面向云计算的软件可用性机制研究[D]. 武汉:华中科技大学, 2013.
[2]	武越,刘向东. 涉密环境桌面虚拟化多级安全系统设计与实现[J]. 信息网络安全,2014,(9):101-104.
[3]	Chen X.Overshadow: a virtualization-based approach to retrofitting protection in commodity operating systems[C]//ACM SIGOPS Operating Systems Review. ACM, 2008, 42(2): 2-13.
[4]	Champagne D.Scalable architectural support for trusted software[C]//High Performance Computer Architecture (HPCA), 2010 IEEE 16th International Symposium on. IEEE, 2010: 1-12.
[5]	Chhabra S, Rogers B.SecureME: a hardware-software approach to full system security[C]//Proceedings of the international conference on Supercomputing. ACM, 2011: 108-119.
[6]	Wang Z.Hypersafe: A lightweight approach to provide lifetime hypervisor control-flow integrity[C]//Security and Privacy (SP), 2010 IEEE Symposium on. IEEE, 2010: 380-395.
[7]	Zhang F, Chen J.Cloudvisor: Retrofitting protection of virtual machines in multi-tenant cloud with nested virtualization[C] //Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles. New York :ACM, 2011: 203-216.
[8]	Azab A M, Ning P, Zhang X.Sice: a hardware-level strongly isolated computing environment for x86 multi-core platforms[C]//Proceedings of the 18th ACM conference on Computer and communications security. ACM, 2011: 375-388.
[9]	Hua J, Sakurai K.Barrier: a lightweight hypervisor for protecting kernel integrity via memory isolation[C]//Proceedings of the 27th Annual ACM Symposium on Applied Computing. ACM, 2012: 1470-1477.
[10]	Pan W, Zhang Y.Improving virtualization security by splitting hypervisor into smaller components[C]//Data and Applications Security and Privacy XXVI. Springer Berlin Heidelberg, 2012: 298-313.
[11]	Jin S, Ahn J.Architectural support for secure virtualization under a vulnerable hypervisor[C]//Proceedings of the 44th Annual IEEE/ACM International Symposium on Microarchitecture.ACM, 2011: 272-283.
[12]	Silakov D V.Using virtualization to protect application address space inside untrusted environment[J]. Programming and Computer Software, 2012, 38(1): 24-33.
[13]	Jayaram Masti R, Marforio C, Capkun S.An architecture for concurrent execution of secure environments in clouds[C]//Proceedings of the 2013 ACM workshop on Cloud computing security workshop. ACM, 2013: 11-22.
[14]	Butterworth J.Bios chronomancy: Fixing the core root of trust for measurement[C]//Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security. ACM, 2013: 25-36.
[15]	Garfinkel T, Pfaff B, Chow J, et al.Terra: A virtual machine-based platform for trusted computing[C]//ACM SIGOPS Operating Systems Review. ACM, 2003, 37(5): 193-206.
[16]	Berger S, Caceres R.VTPM: Virtualizing the Trusted Platform Module[C]//Proceedings of the 15th USENIX Security Symposium, Canada: Vancouver , 2006: 305-320.
[17]	Krautheim F J, Phatak D S, Sherman A T.Introducing the trusted virtual environment module: a new mechanism for rooting trust in cloud computing[C]//Trust and Trustworthy Computing. Springer Berlin Heidelberg, 2010: 211-227.
[18]	Intel Corporation,Intel.Virtualization Technology for Directed I/O Architecture Specification[R].October 2014.
[19]	Gordon A, Amit N, Har'El N, et al. ELI: bare-metal performance for I/O virtualization[J]. ACM SIGARCH Computer Architecture News, 2012, 40(1): 411-422.
[20]	Willmann P, Rixner S, Cox A L.Protection Strategies for Direct Access to Virtualized I/O Devices[C]//USENIX Annual Technical Conference. 2008: 15-28.
[21]	Malka M, Amit N, Ben-Yehuda M, et al.rIOMMU: Efficient IOMMU for I/O devices that employ ring buffers[C]//Proceedings of the Twentieth International Conference on Architectural Support for Programming Languages and Operating Systems. ACM, 2015: 355-368.
[22]	李海威,范博,李文锋. 一种可信虚拟平台构建方法的研究和改进[J]. 信息网络安全,2015,(1):1-5.
[23]	Software Freedom Conservancy.Qemu Source[EB/OL]..
[24]	Xen community.Xen Security Modules,XEN[EB/OL]..
[25]	黄强,张德华,汪伦伟. 可信计算硬件设备虚拟化关键保障机制研究[J]. 信息网络安全,2015,(9):70-73.
[26]	Xen community.Xen Source[EB/OL]..
[27]	Trust Computing Group.TCG Software Stack(TSS) Specification[R].Version 1.2 ,March 7.

一种基于VT-d技术的虚拟机安全隔离框架研究

Research on VT-d based Virtual Machine Isolation Framework

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 21

参考文献 27

相关文章 15

编辑推荐

Metrics

本文评价

[1]	陈璐, 孙亚杰, 张立强, 陈云. 物联网环境下基于DICE的设备度量方案[J]. 信息网络安全, 2020, 20(4): 21-30.
[2]	王晓, 赵军, 张建标. 基于可信软件基的虚拟机动态监控机制研究[J]. 信息网络安全, 2020, 20(2): 7-13.
[3]	白嘉萌, 寇英帅, 刘泽艺, 查达仁. 云计算平台基于角色的权限管理系统设计与实现[J]. 信息网络安全, 2020, 20(1): 75-82.
[4]	吴宏胜. 基于可信计算和UEBA的智慧政务系统[J]. 信息网络安全, 2020, 20(1): 89-93.
[5]	任良钦, 王伟, 王琼霄, 鲁琳俪. 一种新型云密码计算平台架构及实现[J]. 信息网络安全, 2019, 19(9): 91-95.
[6]	尚文利, 尹隆, 刘贤达, 赵剑明. 工业控制系统安全可信环境构建技术及应用[J]. 信息网络安全, 2019, 19(6): 1-10.
[7]	尚文利, 张修乐, 刘贤达, 尹隆. 工控网络局域可信计算环境构建方法与验证[J]. 信息网络安全, 2019, 19(4): 1-10.
[8]	时向泉, 陶静, 赵宝康. 面向虚拟化环境的网络访问控制系统[J]. 信息网络安全, 2019, 19(10): 1-9.
[9]	王晋, 喻潇, 刘畅, 赵波. 智能电网环境下一种基于SDKey的智能移动终端远程证明方案[J]. 信息网络安全, 2018, 18(7): 1-6.
[10]	王越, 程相国, 王戌琦. 基于双线性对的密钥隔离群签名方案研究[J]. 信息网络安全, 2018, 18(6): 61-66.
[11]	李月, 姜玮, 季佳华, 段德忠. 一种基于虚拟化平台的安全外包技术研究[J]. 信息网络安全, 2018, 18(5): 82-88.
[12]	李月, 姜玮, 季佳华, 段德忠. 一种基于虚拟化平台的安全外包技术研究[J]. 信息网络安全, 2018, 18(5): 82-88.
[13]	张建标, 杨石松, 涂山山, 王晓. 面向云计算环境的vTPCM可信管理方案[J]. 信息网络安全, 2018, 18(4): 9-14.
[14]	朱维军, 樊永文, 班绍桓. 动态虚拟MSISDN的拟态自动机模型与安全性验证方法[J]. 信息网络安全, 2018, 18(4): 15-22.
[15]	刘志娟, 高隽, 丁启枫, 王跃武. 移动终端TEE技术进展研究[J]. 信息网络安全, 2018, 18(2): 84-91.