Abstract :
As a new abstraction layer in computer system, virtualization not only played an important role in improving the resource utilization, its isolated nature has also been used to enhance the security of the operating system, it is an important direction of current security research. In this paper, we make a comprehensive analysis of security technology based on virtualization, and give the characteristics of four types of typical security systems and its key technologies, including virtual machine-based intrusion detection, virtual machine-based kernel protection, virtual machine-based access control, virtual machine-based trusted computing. By focus on the statistical analysis of 35 kinds of security model, we give the problems of current research about threat model establishment, VMM self-protection, as well as formal verification. Finally, we discuss the future direction of research on virtualization security in depth.
Keywords :
operating systems (computers); program verification; security of data; trusted computing; virtual machines; virtualisation; VMM self-protection; abstraction layer; computer system; formal verification; operating system; resource utilization; security technology; virtual machine-based access control; virtual machine-based intrusion detection; virtual machine-based kernel protection; virtual machine-based trusted computing; virtualization security; virtualization system; access control; intrusion detection; malware; safety protection; virtualization;
