  • DocumentCode
    3035418
  • Title
    Information-Flow Aware Virtual Machines: Foundations for Trustworthy Computing
  • Author
    Franz, Michael
  • Author_Institution
    Dept. of Comput. Sci., Univ. of California, Irvine, Irvine, CA
  • fYear
    2009
  • fDate
    3-4 March 2009
  • Firstpage
    91
  • Lastpage
    96
  • Abstract
    Many software systems in use today have enormous trusted computing bases (TCBs). We propose an architecture that makes it possible to shrink the TCB of many such systems. Our solution is based on a virtual-machine (VM) with added information-flow capabilities. In our architecture, all application programs run outside of the TCB under the control of the VM and cannot cause information leaks even if they try. We have implemented a prototype of this architecture and found that the resulting run-time overhead is much lower than expected. In many deployment contexts, it will be perfectly reasonable to make such a moderate performance sacrifice for the benefit of security.
  • Keywords
    security of data; virtual machines; information-flow aware virtual machines; software systems; trusted computing bases; trustworthy computing; Application software; Computer architecture; Control systems; Home computing; Power system reliability; Software quality; Software systems; Transaction databases; Virtual machining; Virtual manufacturing; system security engineering; virtual machines; vulnerability prevention
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Conference For Homeland Security, 2009. CATCH '09. Cybersecurity Applications & Technology
  • Conference_Location
    Washington, DC
  • Print_ISBN
    978-0-7695-3568-5
  • Type
    conf
  • DOI
    10.1109/CATCH.2009.45
  • Filename
    4804430