科技报告详细信息
Towards Trustworthy Virtualisation Environments: Xen Library OS Security Service Infrastructure
Anderson, Melvin J. ; Moffie, Micha ; Dalton, Chris I.
HP Development Company
关键词: trusted computing;    virtualisation;    Xen hypervisor;   
RP-ID  :  HPL-2007-69
学科分类:计算机科学(综合)
美国|英语
来源: HP Labs
PDF
【 摘 要 】

New cost effective commodity PC hardware now includes fully virtualisable processors and the Trusted Computing Group's trusted platform module (TPM). This provides the opportunity to combine virtualisation, trusted computing and open source software development to tackle the security challenges modern computing faces. We believe that leveraging this technology to partition critical operating system services and applications into small modules with strictly controlled interactions is a good way to improve trustworthiness. To support the development of small applications running in Xen domains we built a library OS. We ported the GNU cross-development tool chain and standard C libraries to the small operating system kernel included with the Xen distribution, and wrote an inter-domain communications (IDC) library for communications between Xen domains. To confirm the usability of our library OS we ported a software TPM to run on it as a typical application. We evaluated the performance of our IDC system and showed that it has good performance for the applications we envisage. We have shown that a lightweight library OS offers a convenient and practical way of reducing the trusted computing base of applications by running security sensitive components in separate Xen domains. 15 Pages

【 预 览 】
附件列表
Files Size Format View
RO201804100002001LZ 119KB PDF download
  文献评价指标  
  下载次数:8次 浏览次数:35次