Abstract:
In virtualization architectures, a small
trusted computing base (TCB) minimizes the
attacks which could be dangerous the security of
the entire system. The TCB for an application
includes the hardware, the virtual machine
monitor (VMM) and the whole management
operating system (OS). The management OS
contains not only the device drivers but also
virtual machine (VM) management functionality.
This management OS is not acceptable to trust
for many applications due to its high privilege
level. In this paper, the secure virtual machine
execution mechanism under the assumption of
untrusted management OS (Dom0 in Xen) is
proposed. This mechanism provides the
confidentiality and integrity of the guest VM
(DomUs in Xen). A secure communication
channel is also proposed to exchange the secure
information between Dom0 and the DomUs by
authenticating and avoiding replay attacks.
