Secure enforcement of isolation policy on multicore platforms with virtualization techniques

Author

Siqi ZHAO, Singapore Management UniversityFollow

Publication Type

PhD Dissertation

Version

publishedVersion

Publication Date

8-2018

Abstract

A number of virtualization based systems have been proposed in the literature as an effective measure against the adversaries with the kernel privilege. However, under a systematic analysis, such systems exhibit vulnerabilities that can still be exploited by such an attacker with the kernel privilege. The fundamental reason is that there is an inherent incompatibility between the tamper-proof requirement and the complete mediation requirement of the reference monitor model. The incompatibility manifests in the virtualization based systems in the form of a discrepancy between the enforcement capability demanded by the high-level policy and the one achievable through the system design approach mandated by the low-level hardware enforcement mechanism.

Keywords

Policy, Isolation, Virtualization, Multicore

Degree Awarded

PhD in Information Systems

Discipline

Databases and Information Systems

Supervisor(s)

DING, Xuhua; GAO, Debin

Publisher

Singapore Management University

City or Country

Singapore

Citation

ZHAO, Siqi. Secure enforcement of isolation policy on multicore platforms with virtualization techniques. (2018).
Available at: https://ink.library.smu.edu.sg/etd_coll/184

Copyright Owner and License

Author

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.