With analysis of limitations Trusted Computing Group (TCG) has encountered, we argued that virtual machine monitor (VMM) is the appropriate architecture for implementing TCG specification. Putting together the VMM...With analysis of limitations Trusted Computing Group (TCG) has encountered, we argued that virtual machine monitor (VMM) is the appropriate architecture for implementing TCG specification. Putting together the VMM architecture, TCG hardware and application-oriented "thin" virtual machine (VM), Trusted VMM-based security architecture is present in this paper with the character of reduced and distributed trusted computing base (TCB). It provides isolation and integrity guarantees based on which general security requirements can be satisfied.展开更多
The data and applications in cloud computing reside in cyberspace, that allowing to users access data through any connection device, when you need to transfer information over the cloud, you will lose control of it. T...The data and applications in cloud computing reside in cyberspace, that allowing to users access data through any connection device, when you need to transfer information over the cloud, you will lose control of it. There are multi types of security challenge must be understood and countermeasures. One of the major security challenges is resources of the cloud computing infrastructures are provided as services over the Internet, and entire data in the cloud computing are reside over network resources, that enables the data to be access through VMs. In this work, we describe security techniques for securing a VCCI, VMMs such as Encryption and Key Management (EKM), Access Control Mechanisms (ACMs), Virtual Trusted Platform Module (vTPM), Virtual Firewall (VF), and Trusted Virtual Domains (TVDs). In this paper we focus on security of virtual resources in Virtualized Cloud Computing Infrastructure (VCCI), Virtual Machine Monitor (VMM) by describing types of attacks on VCCI, and vulnerabilities of VMMs and we describe the techniques for securing a VCCI.展开更多
CNC machine have a fast development and is widely used in China. Generally, CNC machine tool, includs CNC lathes and CNC milling machine. CNC machine tool is a necessary tool for machining. It plays an important role ...CNC machine have a fast development and is widely used in China. Generally, CNC machine tool, includs CNC lathes and CNC milling machine. CNC machine tool is a necessary tool for machining. It plays an important role in the mechanical design and machining fields. CNC machine tool is mainly composed of two parts of the machine body and the computer control system. Mechanical equipment failures usually related information such as vibration, sound, pressure, temperature performance. CNC machine tool vibration monitoring system with piezoelectric accelerometer, the eddy current displacement sensor, signal amplifier, signal conditioning modules. We can take an advantage of the CNC machine tool vibration monitoring system for vibration monitoring and fault diagnosis of CNC machine tools.展开更多
Three kinds of vulnerabilities that may exist in some of current virtualization-based security monitoring systems were proposed: page mapping problem,lack of overall protection,and inherent limitations. Aiming at the...Three kinds of vulnerabilities that may exist in some of current virtualization-based security monitoring systems were proposed: page mapping problem,lack of overall protection,and inherent limitations. Aiming at these vulnerabilities,relative attack methods were presented in detail. Our experiments show that the attack methods,such as page mapping attack,data attack,and non-behavior detection attack,can attack simulated or original security monitors successfully. Defenders,who need to effectively strengthen their security monitors,can get an inspiration from these attack methods and find some appropriate solutions.展开更多
As wind is the basis of all wind energy projects, a precise knowledge about its availability is needed. For ananalysis of the site-specific wind conditions, Virtual Meteorological Masts (VMMs) are frequently used. VMM...As wind is the basis of all wind energy projects, a precise knowledge about its availability is needed. For ananalysis of the site-specific wind conditions, Virtual Meteorological Masts (VMMs) are frequently used. VMMsmake use of site calibrated numerical data to provide precise wind estimates during all phases of a wind energyproject. Typically, numerical data are used for the long-term correlation that is required for estimating theyield of new wind farm projects. However, VMMs can also be used to fill data gaps or during the operationalphase as an additional reference data set to detect degrading sensors. The value of a VMM directly dependson its ability and precision to reproduce site-specific environmental conditions. Commonly, linear regressionis used as state of the art to correct reference data to the site-specific conditions. In this study, a frameworkof 10 different machine-learning methods is tested to investigated the benefit of more advanced methods ontwo offshore and one onshore site. We find significantly improving correlations between the VMMs and the reference data when using more advanced methods and present the most promising ones. The K-NearestNeighbors and AdaBoost regressors show the best results in our study, but Multi-Output Mixture of GaussianProcesses is also very promising. The use of more advanced regression models lead to decreased uncertainties;hence those methods should find its way into industrial applications. The recommended regression models canserve as a starting point for the development of end-user applications and services.展开更多
Virtual machine monitors (VMMs) play a central role in cloud computing. Their reliability and availability are critical for cloud computing. Virtualization and device emu- lation make the VMM code base large and the...Virtual machine monitors (VMMs) play a central role in cloud computing. Their reliability and availability are critical for cloud computing. Virtualization and device emu- lation make the VMM code base large and the interface be- tween OS and VMM complex. This results in a code base that is very hard to verify the security of the VMM. For exam- ple, a misuse of a VMM hyper-call by a malicious guest OS can corrupt the whole VMM. The complexity of the VMM also makes it hard to formally verify the correctness of the system's behavior. In this paper a new VMM, operating sys- tem virtualization (OSV), is proposed. The multiprocessor boot interface and memory configuration interface are virtu- alized in OSV at boot time in the Linux kernel. After booting, only inter-processor interrupt operations are intercepted by OSV, which makes the interface between OSV and OS sim- ple. The interface is verified using formal model checking, which ensures a malicious OS cannot attack OSV through the interface. Currently, OSV is implemented based on the AMD Opteron multi-core server architecture. Evaluation re- sults show that Linux running on OSV has a similar perfor- mance to native Linux. OSV has a performance improvement of 4%-13% over Xen.展开更多
The concept of virtualization machines is not new, but it is increasing vastly and gaining popularity in the IT world. Hypervisors are also popular for security as a means of isolation. The virtualization of informati...The concept of virtualization machines is not new, but it is increasing vastly and gaining popularity in the IT world. Hypervisors are also popular for security as a means of isolation. The virtualization of information technology infrastructure creates the enablement of IT resources to be shared and used on several other devices and applications;this increases the growth of business needs. The environment created by virtualization is not restricted to any configuration physically or execution. The resources of a computer are shared logically. Hypervisors help in virtualization of hardware that is a software interact with the physical system, enabling or providing virtualized hardware environment to support multiple running operating system simultaneously utilizing one physical server. This paper explores the benefits, types and security issues of Virtualization Hypervisor in virtualized hardware environment.展开更多
基金Supported by the National Program on Key Basic Re-search Project of China (G1999035801)
文摘With analysis of limitations Trusted Computing Group (TCG) has encountered, we argued that virtual machine monitor (VMM) is the appropriate architecture for implementing TCG specification. Putting together the VMM architecture, TCG hardware and application-oriented "thin" virtual machine (VM), Trusted VMM-based security architecture is present in this paper with the character of reduced and distributed trusted computing base (TCB). It provides isolation and integrity guarantees based on which general security requirements can be satisfied.
文摘The data and applications in cloud computing reside in cyberspace, that allowing to users access data through any connection device, when you need to transfer information over the cloud, you will lose control of it. There are multi types of security challenge must be understood and countermeasures. One of the major security challenges is resources of the cloud computing infrastructures are provided as services over the Internet, and entire data in the cloud computing are reside over network resources, that enables the data to be access through VMs. In this work, we describe security techniques for securing a VCCI, VMMs such as Encryption and Key Management (EKM), Access Control Mechanisms (ACMs), Virtual Trusted Platform Module (vTPM), Virtual Firewall (VF), and Trusted Virtual Domains (TVDs). In this paper we focus on security of virtual resources in Virtualized Cloud Computing Infrastructure (VCCI), Virtual Machine Monitor (VMM) by describing types of attacks on VCCI, and vulnerabilities of VMMs and we describe the techniques for securing a VCCI.
基金supported by 2017 Jieyang Science and Technology Innovation and Development Special Fund Project(2017xm014)2018 Key Scientific Research Platform and Project of Guangdong Universities(2018GkQNCX079)
文摘CNC machine have a fast development and is widely used in China. Generally, CNC machine tool, includs CNC lathes and CNC milling machine. CNC machine tool is a necessary tool for machining. It plays an important role in the mechanical design and machining fields. CNC machine tool is mainly composed of two parts of the machine body and the computer control system. Mechanical equipment failures usually related information such as vibration, sound, pressure, temperature performance. CNC machine tool vibration monitoring system with piezoelectric accelerometer, the eddy current displacement sensor, signal amplifier, signal conditioning modules. We can take an advantage of the CNC machine tool vibration monitoring system for vibration monitoring and fault diagnosis of CNC machine tools.
基金Supported by National 242 Plan Project(2005C48)the Technology Innovation Programme Major Projects of Beijing Institute of Technology(2011CX01015)
文摘Three kinds of vulnerabilities that may exist in some of current virtualization-based security monitoring systems were proposed: page mapping problem,lack of overall protection,and inherent limitations. Aiming at these vulnerabilities,relative attack methods were presented in detail. Our experiments show that the attack methods,such as page mapping attack,data attack,and non-behavior detection attack,can attack simulated or original security monitors successfully. Defenders,who need to effectively strengthen their security monitors,can get an inspiration from these attack methods and find some appropriate solutions.
基金ts Digitale Windboje(FKZ 03EE3024)and“ADWENTURE”(FKZ 03EE2030)funded by the German Federal Ministry for Economic Affairs and Climate Action(BMWK)Other parts were funded by the BMBF project“MADESI”(FKZ 01IS18043B)+2 种基金by the Competence Center for AI and Labour(“kompAKI”,FKZ 02L19C150)The project also benefited from the Hessian Ministry of Higher Education,Research,Science and the Arts(HMWK)project“The Third Wave of AI”.The WRF simulations were performed on the HPC Cluster EDDY,located at the University of Oldenburg(Germany)and were funded by BMWK(FKZ 0324005)We would like to thank the Federal Maritime and Hydrographic Agency(BSH)for providing the met mast data of FINO2 and FINO3,and Engie SA for the SCADA data of R80736.Also we would like to acknowledge ECMWF for providing ERA5 data.
文摘As wind is the basis of all wind energy projects, a precise knowledge about its availability is needed. For ananalysis of the site-specific wind conditions, Virtual Meteorological Masts (VMMs) are frequently used. VMMsmake use of site calibrated numerical data to provide precise wind estimates during all phases of a wind energyproject. Typically, numerical data are used for the long-term correlation that is required for estimating theyield of new wind farm projects. However, VMMs can also be used to fill data gaps or during the operationalphase as an additional reference data set to detect degrading sensors. The value of a VMM directly dependson its ability and precision to reproduce site-specific environmental conditions. Commonly, linear regressionis used as state of the art to correct reference data to the site-specific conditions. In this study, a frameworkof 10 different machine-learning methods is tested to investigated the benefit of more advanced methods ontwo offshore and one onshore site. We find significantly improving correlations between the VMMs and the reference data when using more advanced methods and present the most promising ones. The K-NearestNeighbors and AdaBoost regressors show the best results in our study, but Multi-Output Mixture of GaussianProcesses is also very promising. The use of more advanced regression models lead to decreased uncertainties;hence those methods should find its way into industrial applications. The recommended regression models canserve as a starting point for the development of end-user applications and services.
文摘Virtual machine monitors (VMMs) play a central role in cloud computing. Their reliability and availability are critical for cloud computing. Virtualization and device emu- lation make the VMM code base large and the interface be- tween OS and VMM complex. This results in a code base that is very hard to verify the security of the VMM. For exam- ple, a misuse of a VMM hyper-call by a malicious guest OS can corrupt the whole VMM. The complexity of the VMM also makes it hard to formally verify the correctness of the system's behavior. In this paper a new VMM, operating sys- tem virtualization (OSV), is proposed. The multiprocessor boot interface and memory configuration interface are virtu- alized in OSV at boot time in the Linux kernel. After booting, only inter-processor interrupt operations are intercepted by OSV, which makes the interface between OSV and OS sim- ple. The interface is verified using formal model checking, which ensures a malicious OS cannot attack OSV through the interface. Currently, OSV is implemented based on the AMD Opteron multi-core server architecture. Evaluation re- sults show that Linux running on OSV has a similar perfor- mance to native Linux. OSV has a performance improvement of 4%-13% over Xen.
文摘The concept of virtualization machines is not new, but it is increasing vastly and gaining popularity in the IT world. Hypervisors are also popular for security as a means of isolation. The virtualization of information technology infrastructure creates the enablement of IT resources to be shared and used on several other devices and applications;this increases the growth of business needs. The environment created by virtualization is not restricted to any configuration physically or execution. The resources of a computer are shared logically. Hypervisors help in virtualization of hardware that is a software interact with the physical system, enabling or providing virtualized hardware environment to support multiple running operating system simultaneously utilizing one physical server. This paper explores the benefits, types and security issues of Virtualization Hypervisor in virtualized hardware environment.
