Title :
The Application of Virtual Machines on System Security
Author :
Zhao, Siqin ; Chen, Kang ; Zheng, Weimin
Author_Institution :
Dept. of Comput. Sci. & Technol., Tsinghua Univ., Beijing, China
Abstract :
It is very important to protect critical resources such as private data and code in computer systems. It is promising to protect private data and to improve the system security by leveraging the isolation attribute of virtual machine (VM). The isolation attribute of VM is provided by Virtual Machine Monitor (VMM) that runs in higher priority than guest OSes. If the critical components are isolated in VMs,access control can be enforced or attestation can be made when the subject is accessing via VMs. In this way, VMs can improve the security level of critical components such as OS, kernel, data, and applications. For computer system security, VMs can be used to detect malware intrusions and to protect critical components, which can be implemented by integrating detection or protection mechanism in either VMM or VMs. Authentication is required to create trustful VMs. This paper surveys technologies related of using virtual machines to enhance system security.
Keywords :
invasive software; virtual machines; access control; authentication; computer system security; critical components; guest OS; malware intrusions; virtual machine monitor; Application software; Computer applications; Data security; Kernel; Operating systems; Protection; Virtual machine monitors; Virtual machining; Virtual manufacturing; Voice mail; Critical component; Isolation; Security; Virtual Machine; Virtual Machine Monitor;
Conference_Titel :
ChinaGrid Annual Conference, 2009. ChinaGrid '09. Fourth
Conference_Location :
Yantai, Shandong
Print_ISBN :
978-0-7695-3818-1
DOI :
10.1109/ChinaGrid.2009.45
