Authors:
Denis Efremov
and
Nikolay Pakulin
Affiliation:
Institute for System Programming, Russian Federation
Keyword(s):
Virtualization-based Security, Network Access Control, Hypervisor, Virtual Machine Monitor, Virtualization, Security, Privacy Protection.
Related
Ontology
Subjects/Areas/Topics:
Critical Infrastructure Protection
;
Information and Systems Security
;
Network Security
;
Privacy Enhancing Technologies
;
Software Security
;
Wireless Network Security
Abstract:
This project is an attempt to combine the advantages of software flexibility and security of hardware firewalls. It aims at the implementation of these advantages in the hypervisor source code for the purpose of creating user data confidentiality protection against its leakage from the personal computer through the network. The hypervisor implementation is based on the hardware virtualization extensions of both processors and motherboards. This constitutes a key feature, which enables hypervisor to combine the following advantages: the advantages of access to the OS environment and hardware protection against various intruders’ methods of compromise, including those capable of exploiting OS kernel resources for performing the malicious actions.