Team for Research in
Ubiquitous Secure Technology

Requirements for an Integrity-Protected Hypervisor on the x86 Hardware Virtualized Architecture
Amit Vasudevan, Jonathan M. McCune, Ning Qu, Leendert van Doorn, Adrian Perrig

Citation
Amit Vasudevan, Jonathan M. McCune, Ning Qu, Leendert van Doorn, Adrian Perrig. "Requirements for an Integrity-Protected Hypervisor on the x86 Hardware Virtualized Architecture". the 3rd International Conference on Trust and Trustworthy Computing (Trust 2010), June, 2010.

Abstract
Virtualization has been purported to be a panacea for many security problems.We analyze the feasibility of constructing an integrity-protected hypervisor on contemporary x86 hardware that includes virtualization support, observing that without the fundamental property of hypervisor integrity, no secrecy properties can be achieved. Unfortunately, we find that significant issues remain for constructing an integrity-protected hypervisor on such hardware. Based on our analysis, we describe a set of necessary rules that must be followed by hypervisor developers and users to maintain hypervisor integrity. No current hypervisor we are aware of adheres to all the rules. No current x86 hardware platform we are aware of even allows for the construction of an integrity-protected hypervisor. We provide a perspective on secure virtualization and outline a research agenda for achieving truly secure hypervisors

Electronic downloads

Citation formats  
  • HTML
    Amit Vasudevan, Jonathan M. McCune, Ning Qu, Leendert van
    Doorn, Adrian Perrig. <a
    href="http://www.truststc.org/pubs/754.html"
    >Requirements for an Integrity-Protected Hypervisor on
    the x86 Hardware Virtualized Architecture</a>, the 3rd
    International Conference on Trust and Trustworthy Computing
    (Trust 2010), June, 2010.
  • Plain text
    Amit Vasudevan, Jonathan M. McCune, Ning Qu, Leendert van
    Doorn, Adrian Perrig. "Requirements for an
    Integrity-Protected Hypervisor on the x86 Hardware
    Virtualized Architecture". the 3rd International
    Conference on Trust and Trustworthy Computing (Trust 2010),
    June, 2010.
  • BibTeX
    @inproceedings{VasudevanMcCuneQuvanDoornPerrig10_RequirementsForIntegrityProtectedHypervisorOnX86Hardware,
        author = {Amit Vasudevan and Jonathan M. McCune and Ning Qu
                  and Leendert van Doorn and Adrian Perrig},
        title = {Requirements for an Integrity-Protected Hypervisor
                  on the x86 Hardware Virtualized Architecture},
        booktitle = {the 3rd International Conference on Trust and
                  Trustworthy Computing (Trust 2010)},
        month = {June},
        year = {2010},
        abstract = {Virtualization has been purported to be a panacea
                  for many security problems.We analyze the
                  feasibility of constructing an integrity-protected
                  hypervisor on contemporary x86 hardware that
                  includes virtualization support, observing that
                  without the fundamental property of hypervisor
                  integrity, no secrecy properties can be achieved.
                  Unfortunately, we find that significant issues
                  remain for constructing an integrity-protected
                  hypervisor on such hardware. Based on our
                  analysis, we describe a set of necessary rules
                  that must be followed by hypervisor developers and
                  users to maintain hypervisor integrity. No current
                  hypervisor we are aware of adheres to all the
                  rules. No current x86 hardware platform we are
                  aware of even allows for the construction of an
                  integrity-protected hypervisor. We provide a
                  perspective on secure virtualization and outline a
                  research agenda for achieving truly secure
                  hypervisors},
        URL = {http://www.truststc.org/pubs/754.html}
    }
    

Posted by Ning Qu, Ph.D on 7 Jul 2010.
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.