Institutional Repository
| hGuard: A Framework to Measure Hypervisor Critical Files | |
| Ding, Baozeng; He, Yeping; Zhou, Qiming; Wu, Yanjun; Wu, Jingzheng | |
| 2013 | |
| Conference Name | 7th IEEE International Conference on Software Security and Reliability (SERE) |
| Pages | 177-182 |
| Conference Date | JUN 18-20, 2013 |
| Conference Place | Gaithersburg, MD |
| Indexed Type | CPCI |
| Publish Place | IEEE COMPUTER SOC |
| ISBN | 978-0-7695-5030-5 |
| Department | [Ding, Baozeng; He, Yeping; Zhou, Qiming; Wu, Yanjun; Wu, Jingzheng] Chinese Acad Sci, Inst Software, Beijing 100864, Peoples R China. |
| English Abstract | Virtualization has been widely adopted in current computer systems. A key part of virtualization is a hypervisor, which virtualizes physical resources to be shared among multiple guest virtual machines (VMs). Configuration files and security policy files used by the hypervisor control VMs' behavior. If these critical files are tampered with, all the VMs that run on the same hypervisor will be affected. This paper presents hGuard, a framework to measure hypervisor critical files. Each time a critical file is updated, its hash is stored into a non-volatile storage of the trusted chip. When a critical file is loaded into memory, a measurement module computes its hash and a validation module checks its integrity by comparing this hash with that stored in the non-volatile storage. Only if they are the same could the files be used and continuous operation will be allowed. The experiment shows that hGuard can detect illegal modification of hypervisor critical files.; Virtualization has been widely adopted in current computer systems. A key part of virtualization is a hypervisor, which virtualizes physical resources to be shared among multiple guest virtual machines (VMs). Configuration files and security policy files used by the hypervisor control VMs' behavior. If these critical files are tampered with, all the VMs that run on the same hypervisor will be affected. This paper presents hGuard, a framework to measure hypervisor critical files. Each time a critical file is updated, its hash is stored into a non-volatile storage of the trusted chip. When a critical file is loaded into memory, a measurement module computes its hash and a validation module checks its integrity by comparing this hash with that stored in the non-volatile storage. Only if they are the same could the files be used and continuous operation will be allowed. The experiment shows that hGuard can detect illegal modification of hypervisor critical files. |
| Keyword | Hypervisor Critical Files Integrity Measurement |
| Language | 英语 |
| Content Type | 会议论文 |
| URI | http://ir.iscas.ac.cn/handle/311060/16532 |
| Collection | 中国科学院软件研究所 |
| Recommended Citation GB/T 7714 | Ding, Baozeng,He, Yeping,Zhou, Qiming,et al. hGuard: A Framework to Measure Hypervisor Critical Files[C]. IEEE COMPUTER SOC,2013:177-182. |
| Files in This Item: | There are no files associated with this item. | |||||
Items in the repository are protected by copyright, with all rights reserved, unless otherwise indicated.
Edit Comment