DocumentCode :
2703964
Title :
Introducing Role-Based Access Control to a Secure Virtual Machine Monitor: Security Policy Enforcement Mechanism for Distributed Computers
Author :
Hirano, Manabu ; Shinagawa, Takahiro ; Eiraku, Hideki ; Hasegawa, Shoichi ; Omote, Kazumasa ; Tanimoto, Koichi ; Horie, Takashi ; Kato, Kazuhiko ; Okuda, Takeshi ; Kawai, Eiji ; Yamaguchi, Suguru
Author_Institution :
Dept. of Inf. & Comput. Eng., Toyota Nat. Coll. of Technol., Toyota
fYear :
2008
fDate :
9-12 Dec. 2008
Firstpage :
1225
Lastpage :
1230
Abstract :
In recent years, as the data processed by governmental or commercial organizations increases, cases involving information leak have risen. It is difficult to control information on many distributed end-point computers using conventional security mechanisms. Therefore, we have been proposed a novel secure VMM (Virtual Machine Monitor) architecture which is used as a foundation of security policy enforcement on distributed computers. This paper especially introduces Role-based Access Control (RBAC) to the ID management framework in a secure VMM system. Our proposal will reduce costs for distributed policies updates. Proposed RBAC mechanism employs attribute certificates (ACs) to handle userpsilas roles. This paper shows design and prototype implementation based on PKI-based ID card and proven open source VMM software, QEMU.
Keywords :
authorisation; distributed processing; virtual machines; attribute certificates; distributed end-point computers; role-based access control; secure virtual machine monitor; security policy enforcement mechanism; Access control; Computer architecture; Computer security; Costs; Data security; Distributed computing; Identity management systems; Information security; Proposals; Virtual machine monitors; Hypervisor; Policy enforcement; RBAC; Role-based access control; Security; VMM; Virtual machine monitor;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Asia-Pacific Services Computing Conference, 2008. APSCC '08. IEEE
Conference_Location :
Yilan
Print_ISBN :
978-0-7695-3473-2
Electronic_ISBN :
978-0-7695-3473-2
Type :
conf
DOI :
10.1109/APSCC.2008.14
Filename :
4780847
Link To Document :
بازگشت