Secure enforcement of isolation policy on multicore platforms with virtualization techniques
A number of virtualization based systems have been proposed in the literature as an effective measure against the adversaries with the kernel privilege. However, under a systematic analysis, such systems exhibit vulnerabilities that can still be exploited by such an attacker with the kernel privileg...
Saved in:
| 主要作者: | |
|---|---|
| 格式: | text |
| 語言: | English |
| 出版: |
Institutional Knowledge at Singapore Management University
2018
|
| 主題: | |
| 在線閱讀: | https://ink.library.smu.edu.sg/etd_coll/184 https://ink.library.smu.edu.sg/cgi/viewcontent.cgi?article=1184&context=etd_coll |
| 標簽: |
添加標簽
沒有標簽, 成為第一個標記此記錄!
|
| 總結: | A number of virtualization based systems have been proposed in the literature as an effective measure against the adversaries with the kernel privilege. However, under a systematic analysis, such systems exhibit vulnerabilities that can still be exploited by such an attacker with the kernel privilege. The fundamental reason is that there is an inherent incompatibility between the tamper-proof requirement and the complete mediation requirement of the reference monitor model. The incompatibility manifests in the virtualization based systems in the form of a discrepancy between the enforcement capability demanded by the high-level policy and the one achievable through the system design approach mandated by the low-level hardware enforcement mechanism. |
|---|