一种基于VT-d技术的虚拟机安全隔离框架研究

doi:10.3969/j.issn.1671-1122.2015.11.002

信息网络安全 ›› 2015, Vol. 15 ›› Issue (11): 7-8.doi: 10.3969/j.issn.1671-1122.2015.11.002

一种基于VT-d技术的虚拟机安全隔离框架研究

杨永娇¹, 严飞^2,³, 于钊^2,³, 张焕国^2,³

1.广东电网有限责任公司信息中心,广东广州 510080
2.武汉大学计算机学院,湖北武汉 430072
3.空天信息安全与可信计算教育部重点实验室,湖北武汉 430072

收稿日期:2015-09-07 出版日期:2015-11-25 发布日期:2015-11-20
作者简介:
作者简介：杨永娇（1990-）,女,贵州,硕士,主要研究方向：信息安全、可信计算;严飞（1980-）,男,湖北,副教授,博士,主要研究方向：信息安全、可信计算;于钊（1991-）,男,河南,硕士研究生,主要研究方向：信息安全、可信计算;张焕国（1945-）,男,河北,博士生导师,教授,主要研究方向：信息安全、可信计算、容错计算。
基金资助:
国家自然科学基金[61272452,61003268, 61173138,91118003,61303024];国家重点基础研究发展计划（国家973计划）[2014CB340600]

Research on VT-d based Virtual Machine Isolation Framework

YANG Yong-jiao¹, YAN Fei^2,³, YU Zhao^2,³, ZHANG Huan-guo^2,³

1. Guangdong Power Grid Co., Ltd., Information Center, Guangzhou Guangdong 510080, China
2.School of Computer, Wuhan University, Wuhan Hubei 430072, China
3.Key Laboratory of Aerospace Information Security and Trusted Computing Ministry of Education, Wuhan University , Wuhan Hubei 430072, China

Received:2015-09-07 Online:2015-11-25 Published:2015-11-20

摘要/Abstract

摘要：

虚拟化技术作为云计算IaaS服务的支撑,能从根本上解决云计算平台上虚拟机面临的安全威胁问题。针对目前云计算虚拟机隔离执行环境在设备I/O和内存访问隔离方面的不足,文章结合基于硬件辅助虚拟化的VT-d技术以及可信计算中虚拟可信平台模块（vTPM）独立域的思想,提出了一个在Xen云平台上的安全隔离框架。该框架中由vTPM独立域对虚拟机内的数据和代码进行加密保护,并基于独立域思想对虚拟机镜像本身加密;使用VT-d技术为虚拟机直接分配网卡设备,并扩展XSM安全模块,增加了虚拟机之间授权表策略控制。实验与分析表明,该框架能够有效确保虚拟机之间的设备I/O及内存访问安全隔离,提升虚拟机隔离环境的安全性,且能较好满足系统运行性能。

关键词: 虚拟化, 可信计算, 隔离, VT-d, 虚拟可信平台模块

Abstract:

As the basis of cloud computing IaaS service, virtualization technology can fundamentally solve the threats that the virtual machines face on the cloud computing platform. In view of the deficiencies of the current cloud computing virtual machine isolation implementation environment in the aspect of device I/O and memory access isolation, this paper presents security isolation framework on a Xen cloud platform, combining the ideal of virtualization technology VT-d with trusted computing independent domain. In the framework, data and code encryption is implemented by vTPM independent domain, which encrypts the VM image. The framework assigns NIC to VM through VT-d technology, and extends the authorization control of grant table mechanism in XSM module. Experiments and analysis show that the framework is able to ensure device I/O and memory access security isolation between the virtual machines effectively, enhance the security of virtual machine isolation environment, and meet the system performances.

Key words: virtualization, trusted computing, isolation, VT-d, vTPM

中图分类号:

TP309

杨永娇, 严飞, 于钊, 张焕国. 一种基于VT-d技术的虚拟机安全隔离框架研究[J]. 信息网络安全, 2015, 15(11): 7-8.

YANG Yong-jiao, YAN Fei, YU Zhao, ZHANG Huan-guo. Research on VT-d based Virtual Machine Isolation Framework[J]. Netinfo Security, 2015, 15(11): 7-8.

图/表 21

图1

图2

图3

图4

图5

图6

图7

图8

图9

图10

图11

图12

图13

图14

图15

图16

图17

图18

图19

图20

图21

参考文献 27

[1]	陈刚. 面向云计算的软件可用性机制研究[D]. 武汉:华中科技大学, 2013.
[2]	武越,刘向东. 涉密环境桌面虚拟化多级安全系统设计与实现[J]. 信息网络安全,2014,(9):101-104.
[3]	Chen X.Overshadow: a virtualization-based approach to retrofitting protection in commodity operating systems[C]//ACM SIGOPS Operating Systems Review. ACM, 2008, 42(2): 2-13.
[4]	Champagne D.Scalable architectural support for trusted software[C]//High Performance Computer Architecture (HPCA), 2010 IEEE 16th International Symposium on. IEEE, 2010: 1-12.
[5]	Chhabra S, Rogers B.SecureME: a hardware-software approach to full system security[C]//Proceedings of the international conference on Supercomputing. ACM, 2011: 108-119.
[6]	Wang Z.Hypersafe: A lightweight approach to provide lifetime hypervisor control-flow integrity[C]//Security and Privacy (SP), 2010 IEEE Symposium on. IEEE, 2010: 380-395.
[7]	Zhang F, Chen J.Cloudvisor: Retrofitting protection of virtual machines in multi-tenant cloud with nested virtualization[C] //Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles. New York :ACM, 2011: 203-216.
[8]	Azab A M, Ning P, Zhang X.Sice: a hardware-level strongly isolated computing environment for x86 multi-core platforms[C]//Proceedings of the 18th ACM conference on Computer and communications security. ACM, 2011: 375-388.
[9]	Hua J, Sakurai K.Barrier: a lightweight hypervisor for protecting kernel integrity via memory isolation[C]//Proceedings of the 27th Annual ACM Symposium on Applied Computing. ACM, 2012: 1470-1477.
[10]	Pan W, Zhang Y.Improving virtualization security by splitting hypervisor into smaller components[C]//Data and Applications Security and Privacy XXVI. Springer Berlin Heidelberg, 2012: 298-313.
[11]	Jin S, Ahn J.Architectural support for secure virtualization under a vulnerable hypervisor[C]//Proceedings of the 44th Annual IEEE/ACM International Symposium on Microarchitecture.ACM, 2011: 272-283.
[12]	Silakov D V.Using virtualization to protect application address space inside untrusted environment[J]. Programming and Computer Software, 2012, 38(1): 24-33.
[13]	Jayaram Masti R, Marforio C, Capkun S.An architecture for concurrent execution of secure environments in clouds[C]//Proceedings of the 2013 ACM workshop on Cloud computing security workshop. ACM, 2013: 11-22.
[14]	Butterworth J.Bios chronomancy: Fixing the core root of trust for measurement[C]//Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security. ACM, 2013: 25-36.
[15]	Garfinkel T, Pfaff B, Chow J, et al.Terra: A virtual machine-based platform for trusted computing[C]//ACM SIGOPS Operating Systems Review. ACM, 2003, 37(5): 193-206.
[16]	Berger S, Caceres R.VTPM: Virtualizing the Trusted Platform Module[C]//Proceedings of the 15th USENIX Security Symposium, Canada: Vancouver , 2006: 305-320.
[17]	Krautheim F J, Phatak D S, Sherman A T.Introducing the trusted virtual environment module: a new mechanism for rooting trust in cloud computing[C]//Trust and Trustworthy Computing. Springer Berlin Heidelberg, 2010: 211-227.
[18]	Intel Corporation,Intel.Virtualization Technology for Directed I/O Architecture Specification[R].October 2014.
[19]	Gordon A, Amit N, Har'El N, et al. ELI: bare-metal performance for I/O virtualization[J]. ACM SIGARCH Computer Architecture News, 2012, 40(1): 411-422.
[20]	Willmann P, Rixner S, Cox A L.Protection Strategies for Direct Access to Virtualized I/O Devices[C]//USENIX Annual Technical Conference. 2008: 15-28.
[21]	Malka M, Amit N, Ben-Yehuda M, et al.rIOMMU: Efficient IOMMU for I/O devices that employ ring buffers[C]//Proceedings of the Twentieth International Conference on Architectural Support for Programming Languages and Operating Systems. ACM, 2015: 355-368.
[22]	李海威,范博,李文锋. 一种可信虚拟平台构建方法的研究和改进[J]. 信息网络安全,2015,(1):1-5.
[23]	Software Freedom Conservancy.Qemu Source[EB/OL]..
[24]	Xen community.Xen Security Modules,XEN[EB/OL]..
[25]	黄强,张德华,汪伦伟. 可信计算硬件设备虚拟化关键保障机制研究[J]. 信息网络安全,2015,(9):70-73.
[26]	Xen community.Xen Source[EB/OL]..
[27]	Trust Computing Group.TCG Software Stack(TSS) Specification[R].Version 1.2 ,March 7.

一种基于VT-d技术的虚拟机安全隔离框架研究

Research on VT-d based Virtual Machine Isolation Framework

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 21

参考文献 27

相关文章 15

编辑推荐

Metrics

本文评价

[1]	杨志鹏, 王鹃, 马陈军, 亢云峰. 基于第三方库隔离的Python沙箱逃逸防御机制[J]. 信息网络安全, 2024, 24(5): 682-693.
[2]	王巍, 胡永涛, 刘清涛, 王凯崙. 铁路运行环境下ERT可信根实体的软件化技术研究[J]. 信息网络安全, 2024, 24(5): 794-801.
[3]	何业锋, 权家辉, 刘妍. 基于混合区块链的位置隐私保护方案[J]. 信息网络安全, 2024, 24(2): 229-238.
[4]	秦中元, 戈臻伟, 潘经纬, 陈立全. 基于虚拟可信平台模块的完整性度量方案研究[J]. 信息网络安全, 2023, 23(2): 11-18.
[5]	邢凌凯, 张健. 基于HPC的虚拟化平台异常检测技术研究与实现[J]. 信息网络安全, 2023, 23(10): 64-69.
[6]	张学旺, 刘宇帆. 可追踪身份的物联网感知层节点匿名认证方案[J]. 信息网络安全, 2022, 22(9): 55-62.
[7]	林发鑫, 张健. 虚拟化平台异常行为检测系统的设计与实现[J]. 信息网络安全, 2022, 22(11): 62-67.
[8]	王湘懿, 张健. 基于图像和机器学习的虚拟化平台异常检测[J]. 信息网络安全, 2020, 20(9): 92-96.
[9]	边曼琳, 王利明. 云环境下Docker容器隔离脆弱性分析与研究[J]. 信息网络安全, 2020, 20(7): 85-95.
[10]	冉金鹏, 王翔, 赵尚弘, 高航航. 基于果蝇优化的虚拟SDN网络映射算法[J]. 信息网络安全, 2020, 20(6): 65-74.
[11]	陈璐, 孙亚杰, 张立强, 陈云. 物联网环境下基于DICE的设备度量方案[J]. 信息网络安全, 2020, 20(4): 21-30.
[12]	王晓, 赵军, 张建标. 基于可信软件基的虚拟机动态监控机制研究[J]. 信息网络安全, 2020, 20(2): 7-13.
[13]	范博, 龚钢军, 孙淑娴. 基于等保2.0的配电物联网动态安全体系研究[J]. 信息网络安全, 2020, 20(11): 10-14.
[14]	白嘉萌, 寇英帅, 刘泽艺, 查达仁. 云计算平台基于角色的权限管理系统设计与实现[J]. 信息网络安全, 2020, 20(1): 75-82.
[15]	吴宏胜. 基于可信计算和UEBA的智慧政务系统[J]. 信息网络安全, 2020, 20(1): 89-93.