Method for responding to trusted computing TOCTOU attacks on hardware virtual domain of Xen client
A technology of trusted computing and virtual domain, applied in computing, computer security devices, instruments, etc., can solve the problem of no public publication, and achieve the effect of less modification, strong scalability, and reduced system performance
Inactive Publication Date: 2011-01-19
BEIJING JIAOTONG UNIV
View PDF2 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
[0006] For trusted computing TOCTOU attacks in customer virtual domains, there are currently many detection methods based on virtual machine monitors, but how to respond to the detected trusted computing TOCTOU attacks in customer virtual domains, that is, how to make the customer virtual domain The virtual trusted device correctly reflects the state of the customer's virtual domain platform, and there is currently no publicly available method
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0037] In the method provided by the present invention, an additional hypercall is defined between the privileged domain and the virtual machine monitor, represented by the variable T_hypercall, used for the privileged domain to transmit information to the virtual machine monitor, and 10 virtual interrupts (T_vIRQ) are defined , used for the virtual machine monitor to transmit information about a guest hardware virtual domain to the privileged domain, and each virtual interrupt corresponds to a running guest hardware virtual domain. The components of the response method include the forwarding module PickM and the attack signal processing module FpakM implemented in the privileged domain trusted simulation device module, the forwarding module AgentM implemented in the privileged domain kernel space, and the attack management module VMMmon implemented in the virtual machine monitor. Among them, the AgentM module implements the binding between DomID and T_vIRQ and transmits the ...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention relates to a method for responding to the trusted computing TOCTOU attacks on the hardware virtual domain of a Xen client, which takes system performance into consideration on the premise of preventing attacks effectively. In the method, 1 hypercall and 10 virtual interrupts are defined between a Xen privileged domain and a virtual machine monitor for transmitting information about the method between the virtual machine monitor and the privileged domain; and the components used by the responding method comprise a forwarding module and an attach signal processing module which arerealized in a trusted simulation equipment module of the privileged domain, a forwarding module which is realized in the kernel space of the privileged domain, and an attack management module which is realized in the virtual machine monitor. When the system of the invention is implemented, the trusted computing TOCTOU attacks on the hardware virtual domain can be responded to effectively; the responding method of the invention is highly practical and has very small influences on the system performance under a condition of not receiving an attack signal; and the method has little modification in the original system, but has expandability which so high as to enable the method to apply to a working environment in which many trusted client hardware virtual domain operate parallelly.
Description
technical field [0001] The invention relates to the field of trusted computing for computer information security, and is an effective method for responding to the TOCTOU attack of TCG trusted computing under the Xen hardware virtual domain environment. Background technique [0002] The TCG architecture uses the contents of the PCR register of the TPM hardware chip solidified on the computer motherboard to determine the security of the actual platform. However, the design patterns of most commercial operating systems make the TCG architecture, which only provides software loading verification, vulnerable to TOCTOU (time of check vs time of use) attacks, which are called trusted computing TOCTOU attacks. [0003] Xen virtual machine is a mature open source virtualization product, including a virtual machine monitor, a privileged domain and multiple customer virtual domains. The virtual machine monitor is located between the system hardware platform and the virtual domain oper...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More IPC IPC(8): G06F21/00G06F21/50
Inventor 常晓林邢彬左向晖韩臻刘吉强窦招辉
Owner BEIJING JIAOTONG UNIV