Authors:
Lars Rasmusson
1
and
Mazdak Rajabi Nasab
2
Affiliations:
1
SICS Swedish Institute of Computer Science, Sweden
;
2
Chalmers University of Technology, Sweden
Keyword(s):
Cloud Computing, Hosted Computing, Security, Untrusted Code, Virtual Machine, Machine Code Inspection, Checksumming.
Related
Ontology
Subjects/Areas/Topics:
Cloud Computing
;
Cloud Computing Architecture
;
Cloud Computing Enabling Technology
;
Cloud Deployment Models: Public/Private/Hybrid Cloud
;
Cloud Risk, Challenges, and Governance
;
Fundamentals
;
Virtualization Technologies
Abstract:
An attacker who has gained access to a computer may want to run arbitrary programs of his choice, and upload or modify configuration files, etc. We can severely restrict the power of the attacker by having a white-list of approved file checksums and a mechanism that prevents the kernel from loading any file with a bad checksum. The check may be placed in the kernel, but that requires a kernel that is prepared for it. The check may also be placed in a hypervisor which intercepts the kernel and prevents the kernel from loading a bad file. Moving the integrity check out from the VM kernel makes it harder for the intruder to bypass the check. We describe the implementation of two systems and give performance results. In the first implementation the checksumming and decision is performed by the hypervisor instead of by the kernel. In the second implementation the kernel computes the checksum and only the final integrity decision is made by the hypervisor. We conclude that it is technicall
y possible to put file integrity control into the hypervisor, both for kernels without and with pre-compiled support for integrity measurement.
(More)