XEN Virtual Machine Technology and Its Security Analysis 被引量：4

XEN Virtual Machine Technology and Its Security Analysis

下载PDF

导出

摘要 This paper interprets the essence of XEN and hardware virtualization technology, which make the virtual machine technology become the focus of people＇s attention again because of its impressive performance. The security challenges of XEN are mainly researched from the pointes of view： security bottleneck, security isolation and share, life-cycle, digital copyright protection, trusted virtual machine and managements, etc. These security problems significantly affect the security of the virtual machine system based on XEN. At the last, these security measures are put forward, which will be a useful instruction on enhancing XEN security in the future. This paper interprets the essence of XEN and hardware virtualization technology, which make the virtual machine technology become the focus of people＇s attention again because of its impressive performance. The security challenges of XEN are mainly researched from the pointes of view： security bottleneck, security isolation and share, life-cycle, digital copyright protection, trusted virtual machine and managements, etc. These security problems significantly affect the security of the virtual machine system based on XEN. At the last, these security measures are put forward, which will be a useful instruction on enhancing XEN security in the future.

作者 XUE Haifeng QING Sihan ZHANG Huanguo

机构地区 School of Computer Institute of Software

出处《Wuhan University Journal of Natural Sciences》 CAS 2007年第1期159-162,共4页 武汉大学学报（自然科学英文版）

基金 Supported by the National Natural Science Foundation of China (90104005, 60373087, 60473023) and Network and Information Security Key Laboratory Program of Ministry of Education of China

关键词 virtual machine XEN SECURITY virtual machine XEN security

分类号 TP309 [自动化与计算机技术—计算机系统结构]

引文网络
相关文献

参考文献1

1卿斯汉.高安全等级安全操作系统的隐蔽通道分析[J].软件学报,2004,15(12):1837-1849. 被引量：31

二级参考文献27

1Kemmerer RA, Taylor TA. Modular covert channel analysis methodology for trusted DG/UXTM. IEEE Trans. on Software Engineering, Vol. 22, 1996.
2Denning DE. A lattice model of secure information flow. Communications of the ACM, 1976. 236-243.
3He J, Gligor VD. Information flow analysis for covert-channel identification in multilevel secure operating systems. In: Proc. of the 3rd IEEE Workshop on Computer Security Foundations. 1990. 139-148.
4Feiertag R. A technique for proving specifications are multilevel secure. Technical Report CSL-109, 1980.
5Feiertag R, Levitt KN, Robinson L. Proving multilevel security of a system design. In: Proc. of the 6th ACM Symp. on Operating Systems Principles. 1977.57-65.
6Goguen JA, Meseguer J. Security policies and security models. In: Proc. of the IEEE Symp. on Security and Privacy. 1982. 11-20.
7Millen JK. Foundations of covert-channel detection. Technical Report MTR-10538, The M1TRE Corporation, 1989.
8Goguen JA, Meseguer J. Unwinding and inference vontrol. In: Proc. of the IEEE Symp. on Security and Privacy. 1984. 75-86.
9Haigh JT, Kemmerer RA, McHugh J, Young WD. An experience using two covert channel analysis techniques on a real system design. IEEE Trans. on Software Engineering, 1987. 157-168.
10Millen JK. Finite-State noiseless covert channels. In: Proc. of the Computer Security Foundations Workshop. 1989.81-85.

共引文献30

1王保华,李丹宁,李丹,马新强,章衡.高安全级别安全数据库的隐蔽通道分析[J].计算机研究与发展,2006,43(z2):168-172. 被引量：1
2张世明,何守才.数据库系统隐蔽通道分析的设计[J].计算机工程,2006,32(18):133-134. 被引量：1
3崔宾阁,刘大昕.基于信息流图的隐通道分析技术研究[J].哈尔滨工程大学学报,2006,27(5):742-747. 被引量：2
4王保华,李丹宁,马新强,章衡.基于Logic SQL安全数据库的隐蔽通道分析[J].贵州科学,2006,24(4):60-63.
5王保华,马新强,李丹宁,李丹,章衡,赵振勇.安全数据库隐蔽通道的标识技术与实例分析[J].计算机技术与发展,2007,17(2):233-235. 被引量：2
6刘文清,韩乃平,陈喆.一个安全操作系统SLinux隐蔽通道标识与处理[J].电子学报,2007,35(1):153-156. 被引量：9
7卿斯汉,沈昌祥.高等级安全操作系统的设计[J].中国科学（E辑）,2007,37(2):238-253. 被引量：16
8QING SiHan1,2 & SHEN ChangXiang3 1 Institute of Software, Chinese Academy of Sciences, Beijing 100080, China,2 School of Software and Microelectronics, Peking University, Beijing 102600, China,3 Institute of Computing Technology, Navy, Beijing 100841, China.Design of secure operating systems with high security levels[J].Science in China(Series F),2007,50(3):399-418. 被引量：5
9刘志锋,鞠时光,王昌达,周从华.隐通道传递信息机理的研究[J].计算机科学,2007,34(10):92-95.
10王衍波,张凯泽,端木庆峰,王景玉.广义信息隐藏技术分类研究[J].军事通信技术,2007,28(4):45-50. 被引量：1

同被引文献18

1屈波,熊前兴,吴业福,李玉强,陶强.基于物理隔离的安全网闸研究与系统设计[J].计算机科学,2004,31(B09):222-225. 被引量：5
2杨少春.采用VMware构建虚拟并行计算网[J].计算机工程与设计,2006,27(14):2546-2547. 被引量：20
3孙世昶,李忠明.XEN虚拟机系统直接I/O访问机制的研究与实现[J].大连民族学院学报,2007,9(3):30-33. 被引量：2
4Waiters J P, Vipin Chaudhary, Minsuk Cha, et ai. A comparison of virtualization technologies for HPC[C]. 22nd International Conference on Advanced Information Networking and Appfications, 2008, 861-868.
5Ludmila Cherkasova, Diwaker Gupta, et al. Comparison of the three CPU schedulers in Xen [ C ]. ACM Sigmetries Performance Evaluation Review, Sep. 2007,42-51.
6Shisnall David. The definitive guide to the Xen hypervisor[ Z]. 2007,11-19.
7CREDIT-Based CPU scheduler[ EBOL]. http://wild, xcnsourcc. com/xenwiki/CrcditSchcdulcr, 2007.
8Xen Interface manual Xen v3.0 for x86. http://www, cl. cam. ac. uk/research/srg/netos/xen/readmes/interface/interface, html [ EB-OL], 2008.
9Amit Sinha, Anantha P Chandrakasan. Energy efficient real-time scheduling[C]. Proceedings of the 2001 IEEE/ACM International Conference on Computer-aided Design, 2001,458-463.
10XEN. Xen sourcecode: sched serif, c[EBOL], http:// Ixr. Xensource, com/Lxr/source/Xen/common/sched_sedf, c, 2007.

引证文献4

1薛青,张延园.虚拟机宿主服务器及其性能收集方法研究[J].计算机工程与设计,2009,30(21):4984-4987. 被引量：1
2姚文斌,郑兴杰.一种改进的SEDF调度算法[J].小型微型计算机系统,2010,31(3):446-450. 被引量：1
3董贵山,邓春梅,邓子建.一种基于虚拟机的安全隔离与交换系统[J].信息安全与通信保密,2011,9(11):73-76.
4龚敏斌,潘理,姚立红.虚拟机监视器系统策略完整性安全机制[J].计算机工程与设计,2014,35(1):17-20.

二级引证文献2

1许娜.基于VMware ESX Server的实验教学平台建设[J].实验室研究与探索,2011,30(9):202-205. 被引量：18
2暴锡文.一种云计算环境下基于Xen的虚拟机调度机制[J].计算机测量与控制,2014,22(10):3381-3384. 被引量：1

1肖跃雷,王育民,庞辽军.对结合TLS的TNC IF-T协议的安全性分析与改进(英文)[J].China Communications,2013,10(7):85-92. 被引量：1
2茅兴,钟亦平,张世永.信息系统安全瓶颈的飘移[J].计算机工程,2004,30(22):114-116. 被引量：1
3SHI JianHong,ZHANG ShengLi,CHANG ZhengGang.The security analysis of a threshold proxy quantum signature scheme[J].Science China Chemistry,2013,56(3):519-523. 被引量：5
4Jie Yang Tian Yang.BB84 Protocol and Its Security Analysis[J].通讯和计算机（中英文版）,2005,2(11):38-42.
5DAI Guang-ming,WANG Mao-cai,HU Han-ping.Security analysis on WEP protocol[J].通讯和计算机（中英文版）,2008,5(2):25-27.
6刘平.网络安全瓶颈,电子商务之癌[J].中国现代教育装备,2006(3):86-88.
7刘喜敏,杨国明.电子支付的安全问题与对策分析[J].华南金融电脑,2007,15(4):71-73. 被引量：9
8吴涛.浅谈云计算及云安全[J].信息安全与通信保密,2012,10(2):63-66. 被引量：13
9CHANG Yinlong,HU Huaping.Security Analysis of an Electronic Commerce Protocol Using Casper/FDR2[J].Wuhan University Journal of Natural Sciences,2012,17(6):499-503. 被引量：1
10XUE Qingshui,CAO Zhenfu.Security Analysis and Improvement of Some Threshold Proxy Signature Schemes[J].通讯和计算机（中英文版）,2005,2(1):17-25. 被引量：2

Wuhan University Journal of Natural Sciences

2007年第1期

浏览历史

内容加载中请稍等...