research-article

Trusted virtual platforms: a key enabler for converged client devices

Authors:

Richard BrownAuthors Info & Claims

ACM SIGOPS Operating Systems Review, Volume 43, Issue 1

Pages 36 - 43

https://doi.org/10.1145/1496909.1496918

Published: 01 January 2009 Publication History

Get Access

Abstract

This paper introduces our work around combining machine virtualization technology with Trusted Computing Group technology. We first describe our architecture for reducing and containing the privileged code of the Xen Hypervisor. Secondly we describe our Trusted Virtual Platform architecture. This is aimed at supporting the strong enforcement of integrity and security policy controls over a virtual entity where a virtual entity can be either a full guest operating system or virtual appliance running on a virtualized platform. The architecture includes a virtualization-specific integrity measurement and reporting framework. This is designed to reflect all the dependencies of the virtual environment of a guest operating system. The work is a core enabling component of our research around converged devices -- client platforms such as notebooks or desktop PCs that can safely host multiple virtual operating systems and virtual appliances concurrently and report accurately on the trustworthiness of the individually executing entities.

References

[1]

Barham, P., et al. 2003. Xen and the Art of Virtualization. Proc. 19th ACM Symp. operating systems Principles (SOSP 03), pp. 164--177.

Digital Library

Google Scholar

[2]

Berger, S., et al. 2006. vTPM: virtualizing the trusted platform module. USENIX Security Symposium. pp. 21--21.

Digital Library

Google Scholar

[3]

Lagar-Cavilla, H.A., 2007. VMM-independent graphics acceleration. ACM/Usenix International Conference On Virtual Execution Environments. pp. 33--43.

Digital Library

Google Scholar

[4]

McConnell, Steve. 1993. Code Complete. Microsoft Press.

Google Scholar

[5]

Murray, D. 2008. Improving Xen security through disaggregation. Proceedings of the Fourth ACM SIGPLAN/SIGOPS international conference on Virtual Execution Environments.

Digital Library

Google Scholar

[6]

Microsoft. Microsoft Bitlocker Drive Encryption. http://technet.microsoft.com/en-us/windows/aa905065.aspx.

Google Scholar

[7]

Trusted Computing Group. http://www.trustedcomputinggroup.org.

Google Scholar

[8]

Tungsten Graphics. Gallium 3D. 2008. http://www.tungstengraphics.com/wiki/index.php/Gallium3D.

Google Scholar

[9]

PCI-SIG Specifications. PCI-SIG IO Virtualization. http://www.pcisig.com/specifications/iov/

Google Scholar

[10]

Balacheff, B., et al. 2002. Trusted Computing Platforms. Prentice Hall, 2002.

Google Scholar

Cited By

View all

Gonzalez NElengikal T(2021)Transparent I/O-Aware GPU Virtualization for Efficient Resource Consolidation2021 IEEE International Parallel and Distributed Processing Symposium (IPDPS)10.1109/IPDPS49936.2021.00022(131-140)Online publication date: May-2021
https://doi.org/10.1109/IPDPS49936.2021.00022
Gleeson JKats DMei Cde Lara EChen DDesnoyers Pde Lara E(2017)CraneProceedings of the 10th ACM International Systems and Storage Conference10.1145/3078468.3078478(1-13)Online publication date: 22-May-2017
https://dl.acm.org/doi/10.1145/3078468.3078478
Hong CSpence INikolopoulos D(2017)GPU Virtualization and Scheduling MethodsACM Computing Surveys10.1145/306828150:3(1-37)Online publication date: 29-Jun-2017
https://dl.acm.org/doi/10.1145/3068281
Show More Cited By

Index Terms

Trusted virtual platforms: a key enabler for converged client devices

Recommendations

An Approach to Establish Trusted Application
NETAPPS '10: Proceedings of the 2010 Second International Conference on Network Applications, Protocols and Services

Trusted Computing offer great opportunities to enhance security and privacy of the user. Trusted Platform Module (TPM) is the implementation of the trusted platform initiatives on a chip under Trusted Computing Group (TCG). The TPM chip that is similar ...
Remote attestation and integrity measurements with Intel SGX for virtual machines
Abstract
With response to the emerging virtualization trend, we focus on a Virtual Machine (VM) remote attestation process assuming that it is running in an uncontrolled and untrusted cloud infrastructure.

We present a solution that ...
An In-VM Measuring Framework for Increasing Virtual Machine Security in Clouds

Cloud computing uses a virtual, nonlocal system for storage and computation. The creation of individual virtual machines (VMs) in the larger system is an important foundation for cloud computing, especially in the delivery of software as a service (SaaS)...

Comments

Information & Contributors

Information

Published In

cover image ACM SIGOPS Operating Systems Review

ACM SIGOPS Operating Systems Review Volume 43, Issue 1

January 2009

97 pages

ISSN:0163-5980

DOI:10.1145/1496909

Issue’s Table of Contents

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 January 2009

Published in SIGOPS Volume 43, Issue 1

Check for updates

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

18
Total Citations
View Citations
726
Total Downloads

Downloads (Last 12 months)8
Downloads (Last 6 weeks)0

Reflects downloads up to 20 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Gonzalez NElengikal T(2021)Transparent I/O-Aware GPU Virtualization for Efficient Resource Consolidation2021 IEEE International Parallel and Distributed Processing Symposium (IPDPS)10.1109/IPDPS49936.2021.00022(131-140)Online publication date: May-2021
https://doi.org/10.1109/IPDPS49936.2021.00022
Gleeson JKats DMei Cde Lara EChen DDesnoyers Pde Lara E(2017)CraneProceedings of the 10th ACM International Systems and Storage Conference10.1145/3078468.3078478(1-13)Online publication date: 22-May-2017
https://dl.acm.org/doi/10.1145/3078468.3078478
Hong CSpence INikolopoulos D(2017)GPU Virtualization and Scheduling MethodsACM Computing Surveys10.1145/306828150:3(1-37)Online publication date: 29-Jun-2017
https://dl.acm.org/doi/10.1145/3068281
Neuhaus CFeinbube FPolze A(2014)A Platform for Interactive Software Experiments in Massive Open Online CoursesJournal of Integrated Design & Process Science10.5555/2692128.269213418:1(69-87)Online publication date: 1-Jan-2014
https://dl.acm.org/doi/10.5555/2692128.2692134
Proudler GChen LDalton CProudler GChen LDalton C(2014)Machine Virtualisation, Virtual Machines, and TPMsTrusted Computing Platforms10.1007/978-3-319-08744-3_13(353-360)Online publication date: 22-Jul-2014
https://doi.org/10.1007/978-3-319-08744-3_13
Pearce MZeadally SHunt R(2013)VirtualizationACM Computing Surveys10.1145/2431211.243121645:2(1-39)Online publication date: 12-Mar-2013
https://dl.acm.org/doi/10.1145/2431211.2431216
Chang DChu XWei G(2013)Analysis of the Security-Enhanced vTPM Migration Protocol Based on ProVerifProceedings of the 2013 International Conference on Computational and Information Sciences10.1109/ICCIS.2013.379(1437-1440)Online publication date: 21-Jun-2013
https://dl.acm.org/doi/10.1109/ICCIS.2013.379
Charlesworth APearson S(2013)Developing accountability-based solutions for data privacy in the cloudInnovation: The European Journal of Social Science Research10.1080/13511610.2013.73275326:1-2(7-35)Online publication date: Mar-2013
https://doi.org/10.1080/13511610.2013.732753
Weber AWeber D(2012)Verifizierte Virtualisierung für mehr Sicherheit und KomfortDatenschutz und Datensicherheit - DuD10.1007/s11623-012-0010-036:1(43-47)Online publication date: 27-Jan-2012
https://doi.org/10.1007/s11623-012-0010-0
Mowbray MPearson SShen Y(2012)Enhancing privacy in cloud computing via policy-based obfuscationThe Journal of Supercomputing10.1007/s11227-010-0425-z61:2(267-291)Online publication date: 1-Aug-2012
https://dl.acm.org/doi/10.1007/s11227-010-0425-z
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

An Approach to Establish Trusted Application

Remote attestation and integrity measurements with Intel SGX for virtual machines

An In-VM Measuring Framework for Increasing Virtual Machine Security in Clouds

Comments

Published In

Publisher

Publication History

Check for updates

Author Tags

Qualifiers

Other Metrics

Article Metrics

Other Metrics

Cited By

Login options

Full Access

PDF

eReader

Abstract

References

Cited By

Index Terms

Recommendations

An Approach to Establish Trusted Application

Remote attestation and integrity measurements with Intel SGX for virtual machines

An In-VM Measuring Framework for Increasing Virtual Machine Security in Clouds

Comments

Information

Published In

Publisher

Publication History

Check for updates

Author Tags

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations