Date Added: Sep 2009
Integrity measurement is a key issue in building trust in distributed systems. A good solution to integrity measurement has to provide both strong isolation between the measurement agent and the measurement target and Time Of Check To Time Of Use (TOCTTOU) consistency (i.e., the consistency between the measured version and the executed version throughout the lifetime of the target). Unfortunately, none of the previous approaches provide (or can be easily modified to provide) both capabilities. This paper presents HIMA, a hypervisor-based agent that measures the integrity of Virtual Machines (VMs) running on top of the hypervisor and provides both capabilities identified above. HIMA performs two complementary tasks: active monitoring of critical guest events and guest memory protection.