Protecting Kernel Code and Data With a Virtualization-Aware Collaborative Operating System

Free registration required

Executive Summary

The traditional virtual machine usage model advocates placing security mechanisms in a trusted VM layer and letting the untrusted guest OS run unaware of the presence of virtualization. This paper challenges this traditional model and proposes a collaboration approach between a virtualization aware operating system and a VM layer to prevent tampering against kernel code and data. The integrity model is a relaxed version of Biba's and the main idea is to have all attempted writes into kernel code and data segments checked for validity at VM level. The OS-VM collaboration bridges the semantic gap between tracing low integrity objects at OS-level (Files, Processes, Modules, Allocated Areas) and architecture-level (Memory and Registers).

  • Format: PDF
  • Size: 134 KB