Date Added: Apr 2010
Virtualization has been purported to be a panacea for many security problems. The authors analyze the feasibility of constructing an integrity-protected hypervisor on contemporary x86 hardware that includes virtualization support, observing that without the fundamental property of hypervisor integrity, no secrecy properties can be achieved. Unfortunately, they find that significant issues remain for constructing an integrity-protected hypervisor on such hardware. Based on the analysis, they describe a set of necessary rules that must be followed by hypervisor developers and users to maintain hypervisor integrity. No current hypervisor the authors are aware of adheres to all the rules.