Paper Info
Title
A secure and rapid response architecture for virtual machine migration from an untrusted hypervisor to a trusted one.
Abstract
Two key issues exist during virtual machine (VM) migration in cloud computing. One is when to start migration, and the other is how to determine a reliable target, both of which totally depend on whether the source hypervisor is trusted or not in previous studies. However, once the source hypervisor is not trusted any more, migration will be facing unprecedented challenges. To address the problems, we propose a secure architecture SMIG (secure migration), which defines a new concept of Region Critical TCB and leverages an innovative adjacent integrity measurement (AIM) mechanism. AIM dynamically monitors the integrity of its adjacent hypervisor, and passes the results to the Region Critical TCB, which then determines whether to start migration and where to migrate according to a table named integrity validation table. We have implemented a prototype of SMIG based on the Xen hypervisor. Experimental evaluation result shows that SMIG could detect amalicious hypervisor and start migration to a trusted one rapidly, only incurring a moderate overhead for computing intensive and I/O intensive tasks, and small for others.
Year
DOI
Venue
2017
10.1007/s11704-016-5190-6
Frontiers of Computer Science
Keywords
Field
DocType
untrusted hypervisor,migration target,adjacent integrity measurement,Region Critical TCB
Architecture,Virtual machine,Storage hypervisor,Computer science,Hypervisor,Integrity measurement,Operating system,Cloud computing,Embedded system
Journal
Volume
Issue
ISSN
11
5
2095-2228
Citations 
PageRank 
References 
0
0.34
31
Authors
3
Name
Order
Citations
PageRank
Tao Wu112221.56
Qiusong Yang2497.28
Yeping He37714.64