Embedded Trusted Computing Environment Build Based on QEMU Virtual Machine Architecture

Zhang, Lili; Kong, Xiangying

doi:10.1109/iscid.2014.47

Cited by 2 publications

(1 citation statement)

References 1 publication

Supporting

Mentioning

Contrasting

Order By: Relevance

“…CTVM [14] is a kernel protection framework that adopts the hardware-assisted virtualization technology of extended page table to create the isolated operating environment for untrusted modules, and then monitors them during the runtime to protect the kernel integrity of guest VM. Zhang et al [15] presented a scheme of embedded trusted computing environment based on virtual machine architecture named QEMU, wherein the functions of trusted cryptographic modules are simulated by software, thus with no other additional hardware. Kumara et al [16] presented a virtual machine introspection (VMI) based on malicious process detection approach for VM, which extracted the high level information such as system call, opened known backdoor ports from introspected memory to identify the spurious process.…”

Section: Introductionmentioning

confidence: 99%

A Multi-level Perception Security Model Using Virtualization

Lou¹,

Jiang²,

Chang³

et al. 2018

TIIS

View full text Add to dashboard Cite

Virtualization technology has been widely applied in the area of computer security research that provides a new method for system protection. It has been a hotspot in system security research at present. Virtualization technology brings new risk as well as progress to computer operating system (OS). A multi-level perception security model using virtualization is proposed to deal with the problems of oversimplification of risk models, unreliable assumption of secure virtual machine monitor (VMM) and insufficient integration with virtualization technology in security design. Adopting the enhanced isolation mechanism of address space, the security perception units can be protected from risk environment. Based on parallel perceiving by the secure domain possessing with the same privilege level as VMM, a mechanism is established to ensure the security of VMM. In addition, a special pathway is set up to strengthen the ability of information interaction in the light of making reverse use of the method of covert channel. The evaluation results show that the proposed model is able to obtain the valuable risk information of system while ensuring the integrity of security perception units, and it can effectively identify the abnormal state of target system without significantly increasing the extra overhead.

show abstract

Section: Introductionmentioning

confidence: 99%