Abstract
Integrity Measurement Mechanisms (IMMs) can be used to detect tampering attacks on the integrity of system components and so help ensure the trustworthiness of a system. If an IMM itself has been compromised, its measurement results are untrustworthy, so the IMM must be protected in order to produce credible measurements. In this paper, we propose an isolation mechanism based on Intel VMX technology that protects an IMM from tampering even when the whole operating system (OS) is untrusted. The mechanism has two parts: a module running inside the OS and a hypervisor running underneath that OS. Because untrusted software can attack an IMM by writing to its memory, the in-OS module changes the access permissions of the IMM's memory so that it cannot be written. This alone does not remove the threat, since untrusted software may run in kernel mode and can therefore change those access permissions back. Using Intel VMX, the hypervisor monitors such permission changes and stops them. To evaluate our approach, we implemented a prototype system named VIsolator. Experimental results indicate that it protects an IMM from tampering effectively and efficiently.
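The two-layer argument in the abstract (an in-OS module drops the write permission on the IMM's pages; a VMX hypervisor refuses any attempt by kernel-mode code to restore it) is easier to follow as a small model. The C program below is an added example written for this page, not VIsolator's own code, and it collapses the real VM exit on page-table writes into a single function call, `guest_set_perm`, through which every guest permission change passes. The page size, page count, `IMM_PAGE` index, the IMM image bytes, the patch bytes and the FNV-1a checksum used as a stand-in for a real measurement are all constructed for the demonstration; the paper does not state which page-table operations VIsolator traps.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NPAGES    8
#define PAGE_SIZE 64
#define IMM_PAGE  3   /* constructed: guest page holding the IMM's code/data */

enum { PERM_R = 1, PERM_W = 2, PERM_X = 4 };

/* Guest OS view: page-table-like permission bits plus page contents. */
struct guest {
    uint8_t perm[NPAGES];
    uint8_t mem[NPAGES][PAGE_SIZE];
};

/* Hypervisor view: which guest pages belong to the IMM and must never
 * become writable. 'active' models whether the VMX monitor exists at all. */
struct hypervisor {
    bool active;
    bool imm_page[NPAGES];
    int  trapped;          /* permission changes refused by the hypervisor */
};

/* Stands in for the VM exit taken when the guest touches page-table
 * entries covering the IMM (assumption: the real trap mechanism is not on
 * the page). Refuses any change that would make an IMM page writable.
 * Returns true if the change was applied. */
static bool guest_set_perm(struct guest *g, struct hypervisor *hv, int page, uint8_t perm)
{
    if (hv->active && hv->imm_page[page] && (perm & PERM_W)) {
        hv->trapped++;
        return false;
    }
    g->perm[page] = perm;
    return true;
}

/* Guest memory write honouring the permission bits; a write to a
 * non-writable page is a page fault, modelled as 'return false'. */
static bool guest_write(struct guest *g, int page, int off, const void *buf, int len)
{
    if (page < 0 || page >= NPAGES || off < 0 || len < 0 || off + len > PAGE_SIZE)
        return false;
    if (!(g->perm[page] & PERM_W))
        return false;
    memcpy(&g->mem[page][off], buf, (size_t)len);
    return true;
}

/* In-OS module: load the IMM, register its page with the hypervisor,
 * then drop the W bit (the permission change the abstract describes). */
static void imm_install(struct guest *g, struct hypervisor *hv, const uint8_t *image, int len)
{
    g->perm[IMM_PAGE] = PERM_R | PERM_W | PERM_X;
    memcpy(g->mem[IMM_PAGE], image, (size_t)len);
    hv->imm_page[IMM_PAGE] = true;
    guest_set_perm(g, hv, IMM_PAGE, PERM_R | PERM_X);
}

/* Measurement stand-in: 32-bit FNV-1a over one page. A real IMM would use
 * a cryptographic hash and extend a TPM PCR; here it only has to detect
 * whether the page changed. */
static uint32_t measure(const struct guest *g, int page)
{
    uint32_t h = 2166136261u;
    for (int i = 0; i < PAGE_SIZE; i++) {
        h ^= g->mem[page][i];
        h *= 16777619u;
    }
    return h;
}

/* Untrusted kernel-mode code attacking the IMM. Returns true if the IMM
 * page was modified, i.e. the protection failed. */
static bool attack(struct guest *g, struct hypervisor *hv)
{
    static const uint8_t patch[] = { 0xEB, 0xFE };   /* constructed patch bytes */
    uint32_t before = measure(g, IMM_PAGE);

    /* Step 1: direct write. Fails on the read-only page in both configurations. */
    guest_write(g, IMM_PAGE, 0, patch, sizeof patch);

    /* Step 2: ring-0 code restores W first, then writes. Only the
     * hypervisor layer can stop this, because the in-OS module runs at the
     * same privilege level as the attacker. */
    guest_set_perm(g, hv, IMM_PAGE, PERM_R | PERM_W | PERM_X);
    guest_write(g, IMM_PAGE, 0, patch, sizeof patch);

    return measure(g, IMM_PAGE) != before;
}

/* Run the whole scenario with or without the hypervisor layer. */
bool imm_tampered(bool hypervisor_present)
{
    static const uint8_t imm_image[] = "imm: measure+report (constructed image)";
    struct guest g;
    struct hypervisor hv;
    memset(&g, 0, sizeof g);
    memset(&hv, 0, sizeof hv);
    hv.active = hypervisor_present;
    imm_install(&g, &hv, imm_image, sizeof imm_image);
    return attack(&g, &hv);
}

int main(void)
{
    printf("in-OS module only, IMM tampered: %s\n", imm_tampered(false) ? "yes" : "no");
    printf("in-OS module + VMX hypervisor, IMM tampered: %s\n", imm_tampered(true) ? "yes" : "no");
    return 0;
}
```

Running it shows the point of the design: with only the in-OS module, the read-only bit stops the naive write but not an attacker who first flips the bit, so the measurement of the IMM page changes; with the hypervisor present, the permission flip itself is refused and the page is unchanged. In the model the guest is forced to route permission changes through `guest_set_perm`; on real hardware that routing is what the VMX trap provides, and it has to cover every path by which ring-0 code can alter the mapping (page-table entries, control-register bits such as CR0.WP, and new mappings of the same physical frame), which is the part the prototype's evaluation would need to demonstrate.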
The work of this paper was supported in part by National Natural Science Foundation of China (61070192, 91018008, 60873213), National 863 High-Tech Research Development Program of China (2007AA01Z414), Natural Science Foundation of Beijing (4082018) and Open Project of Shanghai Key Laboratory of Intelligent Information Processing (IIPL-09-006).
© 2011 Springer Science+Business Media B.V.
Cite this paper
He, L., Li, X., Shi, W., Liang, Z., Liang, B. (2011). VIsolator: An Intel VMX-Based Isolation Mechanism. In: Park, J., Jin, H., Liao, X., Zheng, R. (eds) Proceedings of the International Conference on Human-centric Computing 2011 and Embedded and Multimedia Computing 2011. Lecture Notes in Electrical Engineering, vol 102. Springer, Dordrecht. https://doi.org/10.1007/978-94-007-2105-0_24
DOI: https://doi.org/10.1007/978-94-007-2105-0_24
Publisher Name: Springer, Dordrecht
Print ISBN: 978-94-007-2104-3
Online ISBN: 978-94-007-2105-0
eBook Packages: Engineering; Engineering (R0)