Title :
ODLV: On-Demand Lightweight Virtualization Based Trusted Network Connect Endpoint
Author :
Ge Cheng ; Cong Li ; Qiang Li
Author_Institution :
Sch. of Math. & Comput. Sci., Xiangtan Univ., Xiangtan, China
Abstract :
We present ODLV, an on-demand lightweight virtualization mechanism that solves the "lying endpoint problem" in TCG-TNC. ODLV uses the dynamic root of trust and virtualization technologies of new commodity processors from Intel and AMD to dynamically establish a chain of trust and to insert a Lightweight Virtual Machine Manager (LVMM) under a commodity Operating System (OS). The LVMM protects itself and some Trusted Network Connect (TNC) components from the influence of the OS environment. Compared with existing architectures, ODLV measures the endpoint with very small overhead and no modification to the guest OS. In addition, ODLV has a very small Trusted Computing Base (TCB) and provides run-time measurement rather than load-time measurement. We implement ODLV in Linux, and our analysis and evaluation demonstrate that ODLV is effective and practical.
Keywords :
Linux; trusted computing; virtual machines; virtualisation; AMD; Intel; LVMM; Linux; ODLV; OS environment; TCB; TCG-TNC; TNC components; commodity operating system; commodity processors; lightweight virtual machine manager; load-time measurement; lying endpoint problem; on-demand lightweight virtualization; run-time measurement; trusted computing base; trusted network connect endpoint; virtualization technologies; Computer architecture; Kernel; Linux; Program processors; Security; Virtualization; DRTM; Lightweight; On-demand virtualization; TNC;
Conference_Title :
Intelligent Networks and Intelligent Systems (ICINIS), 2013 6th International Conference on
Conference_Location :
Shenyang
Print_ISBN :
978-1-4799-2808-8
DOI :
10.1109/ICINIS.2013.40