Recursive virtual machines for advanced security mechanisms

Virtualization contributes to the optimization and modularization of resource usage in a machine. Furthermore, many systems have relied on a virtualization layer to provide extra security functionality. Both features rank amongst the most important of the technological capabilities enabling cloud computing, improving performance and security. The availability of hardware support for ×86 virtualization allows to run virtual machines (VMs) with very low overhead. However, using hardware virtualization inside the OS makes it unavailable for any additional security code as the hardware supports only a single layer of VMs. Stacking virtual machines recursively is one solution to this problem. Unfortunately, current implementations induce an overhead that grows exponentially with the stacking depth. In the paper we address this conflict by describing a novel design that mitigates the performance issues of recursive virtual machines. Once this solved, the doors are open for the design of advanced security mechanisms that are implemented in the intermediate layers and provide additional security features to the system. We suggest concrete ways to further explore this avenue.

[1]  Mike Hibler,et al.  Microkernels meet recursive virtual machines , 1996, OSDI '96.

[2]  Muli Ben-Yehuda,et al.  The Turtles Project: Design and Implementation of Nested Virtualization , 2010, OSDI.

[3]  Fred B. Schneider,et al.  Hypervisor-based fault tolerance , 1996, TOCS.

[4]  Alex Garthwaite,et al.  The evolution of an x86 virtual machine monitor , 2010, OPSR.

[5]  Gerald Belpaire,et al.  Hardware architecture for recursive Virtual Machines , 1975, ACM '75.

[6]  Gil Neiger,et al.  Intel virtualization technology , 2005, Computer.

[7]  Robert P. Goldberg,et al.  Formal requirements for virtualizable third generation architectures , 1973, SOSP 1973.

[8]  Srilatha Manne,et al.  Accelerating two-dimensional page walks for virtualized systems , 2008, ASPLOS.

[9]  Adrian Perrig,et al.  TrustVisor: Efficient TCB Reduction and Attestation , 2010, 2010 IEEE Symposium on Security and Privacy.

[10]  Miguel Correia,et al.  Highly Available Intrusion-Tolerant Services with Proactive-Reactive Recovery , 2010, IEEE Transactions on Parallel and Distributed Systems.

[11]  Samuel T. King,et al.  ReVirt: enabling intrusion analysis through virtual-machine logging and replay , 2002, OPSR.

[12]  Udo Steinberg,et al.  NOVA: a microhypervisor-based secure virtualization architecture , 2010, EuroSys '10.

[13]  Adrian Perrig,et al.  SecVisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity OSes , 2007, SOSP.

[14]  Miguel Correia,et al.  Intrusion-Resilient Middleware Design and Validation , 2009 .

[15]  Tal Garfinkel,et al.  A Virtual Machine Introspection Based Architecture for Intrusion Detection , 2003, NDSS.

[16]  Xiaoxin Chen,et al.  Overshadow: a virtualization-based approach to retrofitting protection in commodity operating systems , 2008, ASPLOS.