期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于邻接点的VMM动态完整性度量方法 被引量:3

Method of dynamic integrity measurement for VMM based on adjacency data
下载PDF
导出
摘要 对于虚拟机监控器的动态完整性度量,由于其位于特权层,且复杂多变,一直是领域内的研究难点。提出了一种基于邻接点的动态完整性度量方法,利用邻接点作为度量模块的宿主,通过面向内存页的完整性模型和评估算法,实现了动态完整性度量。实验表明,能够准确地检测到完整性受到破坏,且仅对计算密集型任务造成适中的性能损耗。 Due to its high privilege and complicated runtime memory, dynamic integrity measurement for VMM(virtual machine monitor) was always a great difficulty in the current study. An innovative method based on the adjacency data was proposed, which used a neighbor as the host of a measurement module. According to an integrity model in memory page granularity and a new improved measurement algorithm, dynamic integrity measurement for VMM was implemented. Experimental data shows it could detect the integrity broken accurately, only causing a moderate performance loss for computing intensive tasks.
作者 吴涛 杨秋松 贺也平
机构地区 中国科学院软件研究所基础软件国家工程研究中心 中国科学院软件研究所计算机科学国家重点实验室 中国科学院大学
出处 《通信学报》 EI CSCD 北大核心 2015年第9期169-180,共12页 Journal on Communications
基金 国家科技重大专项核高基金资助项目(2012ZX01039-004) 国家自然科学青年基金资助项目(61305054)~~
关键词 虚拟机监控器 完整性 动态度量 邻接点 度量环 VMM integrity dynamic measurement adjacency data ring of measurement
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献24

  • 1MCCUNE J, PARNO B, PERRIG A, et al. Minimal TCB code execu- tion [A]. Proc of IEEE Symposium on Security and Privacy[C]. 2007. 267-272.
  • 2MCCUNE J, PARNO B, PERRIG A, et al. An execution infrastructure for TCB minimization[A]. Proc of Eurosys[c]. 2008.
  • 3MCCUNE J, LI Y, QU N, et al. TrustVisor: efficient TCB reduction and attestation[A]. Proc of IEEE Symposium on Security and Pri- vacy[C]. 2010. 143-158.
  • 4SANDHU R S. On five defmitions of data integrity[A]. Proc of the 7th IFIP WG 11.3 Working Conference on Database Security[C]. 1993 257-267.
  • 5Department of Defense, USA. Trusted Computer System Evaluation Criteria, TCSEC[S]. 1985.
  • 6Trusted Computing Group. TPM Main Specification Level 2, Revision 116 [EB/OL]. http://www.trustedcomputinggroup.org/resources/tpm_ main_specification.
  • 7HOFMANN O, KIM S, DUNN A, et al. Inktag: secure applications on an untrusted operating system[A]. Proc of the 18th International Con- ference on Architectural Support for Programming Languages and Operating Systems, ASPLOS 2013[C]. 2013. 253-264.
  • 8WANG Z, WU C, GRACE M, et aL Isolating commodity hosted hypervisors with hyperlock[A]. Proc of Eurosys[C]. 2010. 127-140.
  • 9CRISWELL J, DAUTENHAHN N, ADVE V. Virtual ghost: protecting applications from hostile operating systems[A]. Proc of the 19th In- ternational Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS 2014[C]. 2014. 81-96.
  • 10SAILER R, ZHANG X, JAEGER I", VAN DOORN L. Design and implementation of a TCG-based integrity measurement architecture[A] Proc of the 13th USENIX Security Symposium[C]. 2004. 16.

同被引文献26

引证文献3

二级引证文献2

通信学报
2015年 第9期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部