Security technology in virtualization system: State of the art and future direction

As a new abstraction layer in computer system, virtualization not only played an important role in improving the resource utilization, its isolated nature has also been used to enhance the security of the operating system, it is an important direction of current security research. In this paper, we make a comprehensive analysis of security technology based on virtualization, and give the characteristics of four types of typical security systems and its key technologies, including virtual machine-based intrusion detection, virtual machine-based kernel protection, virtual machine-based access control, virtual machine-based trusted computing. By focus on the statistical analysis of 35 kinds of security model, we give the problems of current research about threat model establishment, VMM self-protection, as well as formal verification. Finally, we discuss the future direction of research on virtualization security in depth.