CFCC: A Covert Flows Confinement Mechanism for Virtual Machine Coalitions

Virtualization technology is normally used to build the infrastructure of cloud computing environments. Resources are managed and organized dynamically through virtual machine (VM) coalitions in accordance with the requirements of applications. Enforcing mandatory access control (MAC) on the VM coalitions will greatly improve the security of VM-based cloud computing. However, existing MAC models lack a mechanism to confine covert flows and can hardly eliminate covert channels. In this paper, we propose a covert flows confinement mechanism for virtual machine coalitions (CFCC), which introduces dynamic conflicts of interest based on the activity history of VMs, each of which carries a label. The proposed mechanism can be used to confine covert flows between VMs in different coalitions. We implement a prototype system, evaluate its performance, and show that our mechanism is practical.
