Carl Gebhardt (2008) Security consideration for virtualization.
Full text access: Open
Virtualization is not a new technology, but it has recently experienced a resurgence of interest in both industry and research. New products and technologies are emerging quickly and are being deployed with little consideration for security concerns. It is vital to understand that virtualization does not improve security by default. Hence, every aspect of virtualization needs to undergo constant security analysis and audit. Virtualization is a changeable and very dynamic field with an uncertain outcome. In this paper we outline the security model of hypervisors and illustrate the significance of ongoing security analysis by describing different state-of-the-art threat models. Finally, we provide recommendations and design considerations for a more secure virtual infrastructure.
This is a published version. This version's date is: 2008. This item is peer reviewed.
https://repository.royalholloway.ac.uk/items/7623e8c8-d642-0b77-a6e2-f4334d325368/1/
Deposited by () on 28-Jun-2010 in Royal Holloway Research Online. Last modified on 14-Dec-2010.