{"title":"分离由硬件支持的hypervisor可信计算基础","authors":"C. Gebhardt, Chris I. Dalton, A. Tomlinson","doi":"10.1145/1867635.1867648","DOIUrl":null,"url":null,"abstract":"In this paper we explore how recent advances in virtualisation support for commodity hardware could be utilised to reduce the Trusted Computing Base (TCB) and improve the code separation of a hypervisor. To achieve this, we reassess on the definition of the TCB and illustrate how segregation of different code blocks could be enforced by hardware protection mechanisms. We argue that many software-based efforts in TCB reduction and separation can benefit from utilising those hardware capabilities.","PeriodicalId":401412,"journal":{"name":"Scalable Trusted Computing","volume":"20 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"10","resultStr":"{\"title\":\"Separating hypervisor trusted computing base supported by hardware\",\"authors\":\"C. Gebhardt, Chris I. Dalton, A. Tomlinson\",\"doi\":\"10.1145/1867635.1867648\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In this paper we explore how recent advances in virtualisation support for commodity hardware could be utilised to reduce the Trusted Computing Base (TCB) and improve the code separation of a hypervisor. To achieve this, we reassess on the definition of the TCB and illustrate how segregation of different code blocks could be enforced by hardware protection mechanisms. We argue that many software-based efforts in TCB reduction and separation can benefit from utilising those hardware capabilities.\",\"PeriodicalId\":401412,\"journal\":{\"name\":\"Scalable Trusted Computing\",\"volume\":\"20 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2010-10-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"10\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Scalable Trusted Computing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/1867635.1867648\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Scalable Trusted Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1867635.1867648","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Separating hypervisor trusted computing base supported by hardware
In this paper we explore how recent advances in virtualisation support for commodity hardware could be utilised to reduce the Trusted Computing Base (TCB) and improve the code separation of a hypervisor. To achieve this, we reassess on the definition of the TCB and illustrate how segregation of different code blocks could be enforced by hardware protection mechanisms. We argue that many software-based efforts in TCB reduction and separation can benefit from utilising those hardware capabilities.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
