Title
Protecting Virtual Machines against Untrusted Hypervisor on ARM64 Cloud Platform
Abstract
In cloud computing, the confidentiality and integrity of virtual machines (VMs) face severe threats because of the huge trusted computing base (TCB) of the software stack in the virtualization layer. With the increasing momentum of ARM64 in the cloud computing server market, it is important to protect VMs from privileged software (including the host operating system and the hypervisor) on ARM64. In this paper, we present SecureHyp, a new virtualization platform design that refactors the existing hypervisor using ARM64 hardware security mechanisms to reduce the TCB while protecting VMs against untrusted privileged software. Based on the principle of least privilege, SecureHyp separates sensitive-resource management from the rights of the hypervisor and prohibits the hypervisor from accessing specific sensitive resources. By deploying memory isolation using ARM Trusted Firmware (ATF) and a virtual Memory Management Unit (vMMU), SecureHyp ensures both the security and the efficiency of the guest VMs. We have implemented SecureHyp on Linux firefly-4.4.194 with modest modification. The results show that SecureHyp can protect the confidentiality and integrity of virtual machines with a software TCB of only around 2000 lines of code and negligible performance overhead.
Year: 2022
DOI: 10.1109/ICC45855.2022.9839069
Venue: ICC 2022 - IEEE International Conference on Communications
Keywords: protecting virtual machines, untrusted hypervisor, ARM64 cloud platform, cloud computing, confidentiality, severe threats, huge trusted computing base software stack, virtualization layer, increasing momentum, server markets, including host operating system, SecureHyp, virtualization platform design, existing hypervisor, ARM64 hardware security mechanisms, untrusted privileged software, privilege, sensitive-resource management, specific sensitive resources, guest VMs, code software TCB
DocType: Conference
ISSN: 1550-3607
ISBN: 978-1-5386-8348-4
Citations: 0
PageRank: 0.34
References: 7
Authors: 3
Name, Order, Citations, PageRank
Qihang Zhou, 1, 0, 0.68
Xiaoqi Jia, 2, 0, 0.68
Nan Jiang, 3, 0, 0.68