Sciweavers

Share
ACSAC
2005
IEEE

Building a MAC-Based Security Architecture for the Xen Open-Source Hypervisor

9 years 3 months ago
Building a MAC-Based Security Architecture for the Xen Open-Source Hypervisor
We present the sHype hypervisor security architecture and examine in detail its mandatory access control facilities. While existing hypervisor security approaches aiming at high assurance have been proven useful for high-security environments that prioritize security over performance and code reuse, our approach aims at commercial security where near-zero performance overhead, non-intrusive implementation, and usability are of paramount importance. sHype enforces strong isolation at the granularity of a virtual machine, thus providing a robust foundation on which higher software layers can enact finer-grained controls. We provide the rationale behind the sHype design and describe and evaluate our implementation for the Xen open-source hypervisor.
Reiner Sailer, Trent Jaeger, Enriquillo Valdez, Ra
Added 24 Jun 2010
Updated 24 Jun 2010
Type Conference
Year 2005
Where ACSAC
Authors Reiner Sailer, Trent Jaeger, Enriquillo Valdez, Ramón Cáceres, Ronald Perez, Stefan Berger, John Linwood Griffin, Leendert van Doorn
Comments (0)
books