在多核系统中通过VM固定和页面着色实现安全的共同驻留虚拟化

2012 International Conference on Cloud Computing Technologies, Applications and Management (ICCCTAM) Pub Date : 2012-12-01 DOI:10.1109/ICCCTAM.2012.6488061

S. Sarda, R. Kotecha, P. Shetty, S. Dhoot

{"title":"在多核系统中通过VM固定和页面着色实现安全的共同驻留虚拟化","authors":"S. Sarda, R. Kotecha, P. Shetty, S. Dhoot","doi":"10.1109/ICCCTAM.2012.6488061","DOIUrl":null,"url":null,"abstract":"Cloud computing adoption and diffusion are threatened by unresolved security issues that affect both the cloud provider and the cloud user. In case of cloud, data from potentially competing sources could reside on the same disk or same memory structure, and a computer process can violate its virtual boundary to access the competitor's data. Current Virtual Machine Monitors (VMMs) used in cloud provide a good isolation in high level computing resources viz. memory, CPU, I/O devices. However, when looking at usage of shared cache, it may happen that one virtual machine (VM) interferes with another co-resident virtual machine due to uncontrolled cache sharing. Here performance isolation cannot be guaranteed and one VM may extract sensitive information from another VM. The proposed solution is intended to isolate the usage of shared cache by co-resident VMs and thus ensure no inter-VM interference.","PeriodicalId":111485,"journal":{"name":"2012 International Conference on Cloud Computing Technologies, Applications and Management (ICCCTAM)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Secure Co-resident virtualization in multicore systems by VM pinning and page coloring\",\"authors\":\"S. Sarda, R. Kotecha, P. Shetty, S. Dhoot\",\"doi\":\"10.1109/ICCCTAM.2012.6488061\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cloud computing adoption and diffusion are threatened by unresolved security issues that affect both the cloud provider and the cloud user. In case of cloud, data from potentially competing sources could reside on the same disk or same memory structure, and a computer process can violate its virtual boundary to access the competitor's data. Current Virtual Machine Monitors (VMMs) used in cloud provide a good isolation in high level computing resources viz. memory, CPU, I/O devices. However, when looking at usage of shared cache, it may happen that one virtual machine (VM) interferes with another co-resident virtual machine due to uncontrolled cache sharing. Here performance isolation cannot be guaranteed and one VM may extract sensitive information from another VM. The proposed solution is intended to isolate the usage of shared cache by co-resident VMs and thus ensure no inter-VM interference.\",\"PeriodicalId\":111485,\"journal\":{\"name\":\"2012 International Conference on Cloud Computing Technologies, Applications and Management (ICCCTAM)\",\"volume\":\"4 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2012 International Conference on Cloud Computing Technologies, Applications and Management (ICCCTAM)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICCCTAM.2012.6488061\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 International Conference on Cloud Computing Technologies, Applications and Management (ICCCTAM)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCCTAM.2012.6488061","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

摘要

云计算的采用和扩散受到未解决的安全问题的威胁，这些问题会影响云提供商和云用户。在云的情况下，来自潜在竞争来源的数据可能驻留在同一磁盘或相同的内存结构上，计算机进程可以违反其虚拟边界来访问竞争对手的数据。当前在云中使用的虚拟机监视器(vmm)在高级计算资源(即内存、CPU、I/O设备)中提供了良好的隔离。但是，在查看共享缓存的使用情况时，可能会发生一个虚拟机(VM)由于不受控制的缓存共享而干扰另一个共同驻留的虚拟机的情况。在这种情况下，不能保证性能隔离，并且一个VM可能从另一个VM提取敏感信息。提出的解决方案旨在隔离共同驻留vm对共享缓存的使用，从而确保vm之间没有干扰。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Secure Co-resident virtualization in multicore systems by VM pinning and page coloring

Cloud computing adoption and diffusion are threatened by unresolved security issues that affect both the cloud provider and the cloud user. In case of cloud, data from potentially competing sources could reside on the same disk or same memory structure, and a computer process can violate its virtual boundary to access the competitor's data. Current Virtual Machine Monitors (VMMs) used in cloud provide a good isolation in high level computing resources viz. memory, CPU, I/O devices. However, when looking at usage of shared cache, it may happen that one virtual machine (VM) interferes with another co-resident virtual machine due to uncontrolled cache sharing. Here performance isolation cannot be guaranteed and one VM may extract sensitive information from another VM. The proposed solution is intended to isolate the usage of shared cache by co-resident VMs and thus ensure no inter-VM interference.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2012 International Conference on Cloud Computing Technologies, Applications and Management (ICCCTAM)

自引率

0.00%

发文量