Proceedings of the 2nd International Conference on Computer Science and Electronics Engineering (ICCSEE 2013)

Protecting the Security and Privacy of the Virtual Machine through Privilege Separation

Authors
Cong Yu, Lixin Li, Kui Wang, Wentao Yu
Corresponding Author
Cong Yu
Available Online March 2013.
DOI
10.2991/iccsee.2013.558How to use a DOI?
Keywords
mutual trust, separation of privilege, virtual machine security, security model
Abstract

Virtual machine security issues have been the focus of attention. The permissions of traditional administrative domain Dom0 are too large, so that the user's privacy is threatened. Once the attacker compromises Dom0, it can threaten the entire virtualization platform. This paper introduces a privilege separation virtual machine security model (PSVM). Dom0’s privileges are split into two parts: the operations about the user's privacy form a DomU management domain, responsible for managing the user's privacy; remaining forms Thin Dom0. Users and virtualization platform for server-side need mutual authentication. It can prevent unauthorized users and counterfeiting Virtualization platform invading system. The user's privacy is under its own management to prevent the Virtualization platform snooping. However, it affects only one user, even if the management domain is compromised. Combined with the model, the prototype system is implemented and security analysis and performance testing is done.

Copyright
© 2013, the Authors. Published by Atlantis Press.
Open Access
This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).

Download article (PDF)

Volume Title
Proceedings of the 2nd International Conference on Computer Science and Electronics Engineering (ICCSEE 2013)
Series
Advances in Intelligent Systems Research
Publication Date
March 2013
ISBN
978-90-78677-61-1
ISSN
1951-6851
DOI
10.2991/iccsee.2013.558How to use a DOI?
Copyright
© 2013, the Authors. Published by Atlantis Press.
Open Access
This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).

Cite this article

TY  - CONF
AU  - Cong Yu
AU  - Lixin Li
AU  - Kui Wang
AU  - Wentao Yu
PY  - 2013/03
DA  - 2013/03
TI  - Protecting the Security and Privacy of the Virtual Machine through Privilege Separation
BT  - Proceedings of the 2nd International Conference on Computer Science and Electronics Engineering (ICCSEE 2013)
PB  - Atlantis Press
SP  - 2224
EP  - 2228
SN  - 1951-6851
UR  - https://doi.org/10.2991/iccsee.2013.558
DO  - 10.2991/iccsee.2013.558
ID  - Yu2013/03
ER  -