HyperSafe: A Lightweight Approach to Provide Lifetime Hypervisor Control-Flow Integrity
Source: North Carolina State University
Virtualization is being widely adopted in today's computing systems. Its unique security advantages in isolating and introspecting commodity OSes as Virtual Machines (VMs) have enabled a wide spectrum of applications. However, a common, fundamental assumption is the presence of a trustworthy hypervisor. Unfortunately, the large code base of commodity hypervisors and recent successful hypervisor attacks (e.g., VM escape) seriously question the validity of this assumption. In this paper, the authors present HyperSafe, a lightweight approach that endows existing Type-I bare-metal hypervisors with a unique self-protection capability to provide lifetime control-flow integrity.
| Format: | Size: | 197.90 | |
| Date: | May 2010 |
People who downloaded this item also downloaded
- Virtualizing Tier 1 Applications: A Critical Step on the Journey Toward the Private Cloud
- Hypervisor management and optimization
- Requirements for an Integrity-Protected Hypervisor on the X86 Hardware Virtualized Architecture
- Xen Virtualization Essentials: Virtualization Deployment and Management
- A Survey on Virtual Machine Security
