This paper presents a novel framework that enables practical event-driven monitoring for untrusted virtual machine monitors (VMMs) in cloud computing. Unlike previous approaches for VMM monitoring, our framework neither relies on a higher privilege level nor requires any special hardware support. Instead, we place the trusted monitor at the same privilege level and in the same address space with the untrusted VMM to achieve superb efficiency, while proposing a unique mutual-protection mechanism to ensure the integrity of the monitor. Our security analysis demonstrates that our framework can provide high-assurance for event-driven VMM monitoring, even if the highest-privilege VMM is fully compromised. The experimental results show that our framework only incurs trivial performance overhead for enforcing event-driven monitoring policies, exhibiting tremendous performance improvement on previous approaches.
Sat 8 AprDisplayed time zone: Azores change
15:45 - 17:00 | |||
15:45 25mTalk | Dancing with Wolves: Towards Practical Event-driven VMM Monitoring Session 3 Liang Deng State Key Laboratory for Novel Software Technology, Nanjing University; SANGFOR TECHNOLOGIES CO., LTD., Peng Liu Purdue University, Jun Xu Information Sciences and Technology, Pennsylvania State University, Ping Chen Information Sciences and Technology, Pennsylvania State University, Qingkai Zeng State Key Laboratory for Novel Software Technology, Nanjing University, China | ||
16:10 25mTalk | Safe Inspection of Live Virtual Machines Session 3 Sahil Suneja IBM Research, Ricardo Koller IBM Research, Canturk Isci IBM Research, Eyal de Lara University of Toronto, Ali Hashemi University of Toronto, Arnamoy Bhattacharyya , Cristiana Amza University of Toronto | ||
16:35 25mTalk | Improving Virtualized Storage Performance with Sky Session 3 DOI Authorizer link File Attached | ||