• DocumentCode
    2673769
  • Title

    Building dynamic integrity protection for multiple independent authorities in virtualization-based infrastructure

  • Author

    Cheng, Ge ; Jin, Hai ; Zou, Deqing ; Zhang, Xinwen ; Li, Min ; Yu, Chen ; Xiang, Guofu

  • Author_Institution
    Services Comput. Technol. & Syst. Lab., Huazhong Univ. of Sci. & Technol., Wuhan, China
  • fYear
    2009
  • fDate
    13-15 Oct. 2009
  • Firstpage
    113
  • Lastpage
    119
  • Abstract
    In grid and cloud computing infrastructures, the integrity of a computing platform is a critical security requirement in order to provide secure and honest computing environments to service providers and resource consumers. However, due to the fact that software components running on a single platform are usually provided and maintained by different authorities which are potentially untrusted to each other, the problem of monitoring and protecting runtime system integrity becomes very challenging and has not been well addressed yet. In this paper, we present a virtualization-based dynamic integrity protection method which ensures that only appropriate authorities can control their components without interfering with other component providers or authorities. In our solution, integrity requirements defined by the authorities of upper components (e.g., service middleware and applications) are respected by preventing the underlying components (e.g., operating system) from exposing their sensitive data, which can be caused by update of the underlying components or other malicious actions. We implement our solution on a Xen-based platform, and our evaluation results show that the solution is effective for integrity protection with acceptable performance overhead.
  • Keywords
    data integrity; grid computing; object-oriented programming; security of data; Xen-based platform; cloud computing; computing environments; critical security requirement; dynamic integrity protection; grid computing; multiple independent authority; resource consumers; runtime system integrity; service providers; software components; virtualization-based infrastructure; Application software; Cloud computing; Computer science; Grid computing; Hardware; Middleware; Operating systems; Physics computing; Portable computers; Protection;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Grid Computing, 2009 10th IEEE/ACM International Conference on
  • Conference_Location
    Banff, AB
  • Print_ISBN
    978-1-4244-5148-7
  • Electronic_ISBN
    978-1-4244-5149-4
  • Type

    conf

  • DOI
    10.1109/GRID.2009.5353079
  • Filename
    5353079