Improvement for vTPM Access Control on Xen

As computing power increases, computing resources now run at tens of percent utilization at busy times. Virtual machine (VM) technology is an effective way to use these computing resources. In addition, running vulnerable services inside a VM keeps attacks on them from affecting other VMs. For example, Amazon runs VMs independently on a real machine (host OS), but attackers can still retrieve data with CPU and memory dump software. This study therefore proposes a method to improve access control for the virtual Trusted Platform Module (vTPM) implemented in Xen, in order to keep the server system safe. We also implement and evaluate this method.
