Title :
Towards integrity measurement in virtualized environments — A hypervisor based sensory integrity measurement architecture (SIMA)
Author :
Stelte, Björn ; Koch, Robert ; Ullmann, Markus
Author_Institution :
Fac. of Comput. Sci., Univ. der Bundeswehr Munchen, Neubiberg, Germany
Abstract :
Today, the security of virtualization is based on the isolation properties provided by the hypervisor. This security-by-isolation concept depends on the high integrity of each virtual system as well as a trustworthy host system. Erroneous implementation or conceptional failure limits this isolation mechanism. Today the strength of the isolation can only be guaranteed after a boot operation. Missing is a permanent surveillance of the separation mechanisms during the system operation. That is the main subject of our proposal. We suggest the integration of a sensory integrity measurement architecture (SIMA) for this purpose. SIMA consists of trusted virtual sensors and an analyzing sink to monitor the integrity of the system permanently during operation. Additionally, to have integrity from the beginning, the capabilities of a TPM are used to assure a trusted boot process.
Keywords :
security of data; virtual machines; SIMA; boot operation; hypervisor based sensory integrity measurement architecture; isolation properties; permanent surveillance; security-by-isolation concept; towards integrity measurement; trustworthy host system; virtualization security; virtualized environments; Computer architecture; Monitoring; Security; Sensor systems; Virtual machine monitors; Virtual machining; Additionally; the capabilities of a TPM are used to assure a trusted boot process; to have integrity from the beginning;
Conference_Titel :
Technologies for Homeland Security (HST), 2010 IEEE International Conference on
Conference_Location :
Waltham, MA
Print_ISBN :
978-1-4244-6047-2
DOI :
10.1109/THS.2010.5655084
