DocumentCode :
3508392
Title :
Is Your Virtual Machine Monitor Secure?
Author :
Karger, Paul A.
Author_Institution :
Thomas J. Watson Res. Center, IBM Corp., Yorktown Heights, NY
fYear :
2008
fDate :
14-17 Oct. 2008
Firstpage :
5
Lastpage :
5
Abstract :
It is widely believed that the use of a virtual machine monitor (VMM) is at least as secure, if not more secure than separate systems. In reality, the security of a single system running in a virtual machine can never be as secure as that single system running in its own dedicated physical hardware. If for no other reason, the security of that system in a virtual machine depends on the correct operation of both the operating system and the hypervisor software, while in a dedicated physical computer, it depends only on the correct operation of the operating system. The VMM case always has more opportunity for exploitable security flaws. While many people view virtual machine monitors as something special and different, in realty they are just special-purpose operating systems. The major difference is that the API to a virtual machine monitor is the instruction set of the virtual machine, while the API to an operating system is a set of system calls to manipulate processes, file systems, perform I/O, etc. To the extent that a particular VMM uses paravirtualization, it begins to look more like a classical operating system than a VMM.
Keywords :
application program interfaces; operating systems (computers); security of data; virtual machines; API; application program interface; hypervisor software; operating system; virtual machine monitor security; Computer security; Control systems; Hardware; Information security; National security; Operating systems; Physics computing; Virtual machine monitors; Virtual machining; Virtual manufacturing; Security; Virtual Machine Monitors;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Trusted Infrastructure Technologies Conference, 2008. APTC '08. Third Asia-Pacific
Conference_Location :
Hubei
Print_ISBN :
978-0-7695-3363-6
Type :
conf
DOI :
10.1109/APTC.2008.18
Filename :
4683076
Link To Document :
بازگشت