Research on VT-d based Virtual Machine Isolation Framework

doi:10.3969/j.issn.1671-1122.2015.11.002

Abstract

Abstract:

As the basis of cloud computing IaaS service, virtualization technology can fundamentally solve the threats that the virtual machines face on the cloud computing platform. In view of the deficiencies of the current cloud computing virtual machine isolation implementation environment in the aspect of device I/O and memory access isolation, this paper presents security isolation framework on a Xen cloud platform, combining the ideal of virtualization technology VT-d with trusted computing independent domain. In the framework, data and code encryption is implemented by vTPM independent domain, which encrypts the VM image. The framework assigns NIC to VM through VT-d technology, and extends the authorization control of grant table mechanism in XSM module. Experiments and analysis show that the framework is able to ensure device I/O and memory access security isolation between the virtual machines effectively, enhance the security of virtual machine isolation environment, and meet the system performances.

Key words: virtualization, trusted computing, isolation, VT-d, vTPM

CLC Number:

TP309

YANG Yong-jiao, YAN Fei, YU Zhao, ZHANG Huan-guo. Research on VT-d based Virtual Machine Isolation Framework[J]. Netinfo Security, 2015, 15(11): 7-8.

Figures/Tables 21

References 27

[1]	陈刚. 面向云计算的软件可用性机制研究[D]. 武汉:华中科技大学, 2013.
[2]	武越,刘向东. 涉密环境桌面虚拟化多级安全系统设计与实现[J]. 信息网络安全,2014,(9):101-104.
[3]	Chen X.Overshadow: a virtualization-based approach to retrofitting protection in commodity operating systems[C]//ACM SIGOPS Operating Systems Review. ACM, 2008, 42(2): 2-13.
[4]	Champagne D.Scalable architectural support for trusted software[C]//High Performance Computer Architecture (HPCA), 2010 IEEE 16th International Symposium on. IEEE, 2010: 1-12.
[5]	Chhabra S, Rogers B.SecureME: a hardware-software approach to full system security[C]//Proceedings of the international conference on Supercomputing. ACM, 2011: 108-119.
[6]	Wang Z.Hypersafe: A lightweight approach to provide lifetime hypervisor control-flow integrity[C]//Security and Privacy (SP), 2010 IEEE Symposium on. IEEE, 2010: 380-395.
[7]	Zhang F, Chen J.Cloudvisor: Retrofitting protection of virtual machines in multi-tenant cloud with nested virtualization[C] //Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles. New York :ACM, 2011: 203-216.
[8]	Azab A M, Ning P, Zhang X.Sice: a hardware-level strongly isolated computing environment for x86 multi-core platforms[C]//Proceedings of the 18th ACM conference on Computer and communications security. ACM, 2011: 375-388.
[9]	Hua J, Sakurai K.Barrier: a lightweight hypervisor for protecting kernel integrity via memory isolation[C]//Proceedings of the 27th Annual ACM Symposium on Applied Computing. ACM, 2012: 1470-1477.
[10]	Pan W, Zhang Y.Improving virtualization security by splitting hypervisor into smaller components[C]//Data and Applications Security and Privacy XXVI. Springer Berlin Heidelberg, 2012: 298-313.
[11]	Jin S, Ahn J.Architectural support for secure virtualization under a vulnerable hypervisor[C]//Proceedings of the 44th Annual IEEE/ACM International Symposium on Microarchitecture.ACM, 2011: 272-283.
[12]	Silakov D V.Using virtualization to protect application address space inside untrusted environment[J]. Programming and Computer Software, 2012, 38(1): 24-33.
[13]	Jayaram Masti R, Marforio C, Capkun S.An architecture for concurrent execution of secure environments in clouds[C]//Proceedings of the 2013 ACM workshop on Cloud computing security workshop. ACM, 2013: 11-22.
[14]	Butterworth J.Bios chronomancy: Fixing the core root of trust for measurement[C]//Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security. ACM, 2013: 25-36.
[15]	Garfinkel T, Pfaff B, Chow J, et al.Terra: A virtual machine-based platform for trusted computing[C]//ACM SIGOPS Operating Systems Review. ACM, 2003, 37(5): 193-206.
[16]	Berger S, Caceres R.VTPM: Virtualizing the Trusted Platform Module[C]//Proceedings of the 15th USENIX Security Symposium, Canada: Vancouver , 2006: 305-320.
[17]	Krautheim F J, Phatak D S, Sherman A T.Introducing the trusted virtual environment module: a new mechanism for rooting trust in cloud computing[C]//Trust and Trustworthy Computing. Springer Berlin Heidelberg, 2010: 211-227.
[18]	Intel Corporation,Intel.Virtualization Technology for Directed I/O Architecture Specification[R].October 2014.
[19]	Gordon A, Amit N, Har'El N, et al. ELI: bare-metal performance for I/O virtualization[J]. ACM SIGARCH Computer Architecture News, 2012, 40(1): 411-422.
[20]	Willmann P, Rixner S, Cox A L.Protection Strategies for Direct Access to Virtualized I/O Devices[C]//USENIX Annual Technical Conference. 2008: 15-28.
[21]	Malka M, Amit N, Ben-Yehuda M, et al.rIOMMU: Efficient IOMMU for I/O devices that employ ring buffers[C]//Proceedings of the Twentieth International Conference on Architectural Support for Programming Languages and Operating Systems. ACM, 2015: 355-368.
[22]	李海威,范博,李文锋. 一种可信虚拟平台构建方法的研究和改进[J]. 信息网络安全,2015,(1):1-5.
[23]	Software Freedom Conservancy.Qemu Source[EB/OL]..
[24]	Xen community.Xen Security Modules,XEN[EB/OL]..
[25]	黄强,张德华,汪伦伟. 可信计算硬件设备虚拟化关键保障机制研究[J]. 信息网络安全,2015,(9):70-73.
[26]	Xen community.Xen Source[EB/OL]..
[27]	Trust Computing Group.TCG Software Stack(TSS) Specification[R].Version 1.2 ,March 7.