A BLP-Based Access Control Mechanism for the Virtual Machine System

Author

Weng, Chuliang ; Luo, Yuan ; Li, Minglu ; Lu, Xinda

Author_Institution

Dept. of Comput. Sci. & Eng., Shanghai Jiao Tong Univ., Shanghai

fYear

2008

fDate

18-21 Nov. 2008

Firstpage

2278

Lastpage

2282

Abstract

The virtual machine system such as Xen provides a security isolation between virtual machines (VM) running on the virtual machine monitor (VMM). With the wide application of the virtualization technology, VMM is expected to not only provide the simple isolation but also provide limited sharing between VMs in a secure manner. In this paper, we present an access control mechanism for the virtual machine system, which is based on the BLP model. We prove that the virtual machine system with the access control mechanism and an initial secure state is a secure system. In addition, we implement a prototype of the access control mechanism for the virtual machine system based on Xen.

Keywords

authorisation; supervisory programs; virtual machines; BLP-based access control mechanism; security isolation; virtual machine monitor; virtual machine system; virtualization technology; Access control; Application software; Computer security; Hardware; Operating systems; Resource management; Virtual machine monitors; Virtual machining; Virtual manufacturing; Voice mail; System security; access control; virtual machine; virtual machine monitor;

fLanguage

English

Publisher

ieee

Conference_Titel

Young Computer Scientists, 2008. ICYCS 2008. The 9th International Conference for

Conference_Location

Hunan

Print_ISBN

978-0-7695-3398-8

Electronic_ISBN

978-0-7695-3398-8

Type

conf

DOI

10.1109/ICYCS.2008.503

Filename

4709327