Security consideration for virtualization

Carl Gebhardt

(2008)

Carl Gebhardt (2008) Security consideration for virtualization.


Abstract

Virtualization is not a new technology, but it has recently experienced a resurgence of interest in industry and research. New products and technologies are emerging quickly and are being deployed with little consideration for security concerns. It is vital to understand that virtualization does not improve security by default. Hence, every aspect of virtualization needs to undergo constant security analysis and audit. Virtualization is a changeable and very dynamic field with an uncertain outcome. In this paper we outline the security model of hypervisors and illustrate the significance of ongoing security analysis by describing different state-of-the-art threat models. Finally, we provide recommendations and design considerations for a more secure virtual infrastructure.

Information about this Version

This is a Published version
This version's date is: 2008
This item is peer reviewed

Link to this Version

https://repository.royalholloway.ac.uk/items/7623e8c8-d642-0b77-a6e2-f4334d325368/1/

Item Type: Monograph (Technical Report)
Title: Security consideration for virtualization
Authors: Gebhardt, Carl
Departments: Faculty of Science \ Mathematics

Deposited on 28-Jun-2010 in Royal Holloway Research Online. Last modified on 14-Dec-2010.

