| 引用本文: |
-
周启航,贾晓启,张伟娟,姜楠.面向云环境的VMM平台安全性加固综述[J].信息安全学报,已采用 [点击复制]
- Zhou Qihang,Jia Xiaoqi,Zhang weijuan,Jiang Nan.A Survey of VMM Security Reinforcement on Virtualization Platform[J].Journal of Cyber Security,Accept [点击复制]
|
|
| 摘要: |
| 随着云计算飞速发展,虚拟化技术成为人们关注的焦点。虚拟机监视器作为虚拟化平台的核心支柱,由于庞大且逐年增长的代码量、复杂且单一的设计模式和缺乏内部隔离,近年来不断爆出安全问题。虚拟机监视器控制着整个虚拟化平台的正常运转,一旦虚拟机监视器受到攻击,云平台的所有虚拟机将暴露于威胁之中。如何对虚拟机监视器进行安全性加固成为研究热点。本文首先分析了传统虚拟机监视器的架构模型和弊端;接着,对近年来国内外的虚拟机监视器加固研究成果进行分析比较,并提出了评估虚拟机监视器设计的四个维度;最后,本文对下一步的虚拟机监视器安全性加固进行研究展望。 |
| 关键词: VMM加固 虚拟化安全 可信基 |
| DOI:10.19363/J.cnki.cn10-1380/tn.2023.06.03 |
| 投稿时间:2020-10-02修订日期:2021-01-22 |
| 基金项目: |
|
| A Survey of VMM Security Reinforcement on Virtualization Platform |
|
Zhou Qihang, Jia Xiaoqi, Zhang weijuan, Jiang Nan
|
| (Institute of Information Engineering,Chinese Academy of Sciences) |
| Abstract: |
| With the rapid development of cloud computing, virtualization technology has become the focus of attention. As the core pillar of the virtualization platform, the virtual machine monitor has been exposed security problems in recent years due to a large number of codes, a monolithic design and a lack of isolation. The virtual machine monitor controls the normal operation of the entire virtualization platform. Once the virtual machine monitor is attacked, all virtual machines on the cloud platform will be exposed to threats. How to reinforce the security of the virtual machine monitor has become a research hotspot. This paper first analyzes the architecture model and disadvantages of traditional virtual machine monitor. Then, we analyze the domestic and foreign reinforcement researches of the virtual machine monitor in recent years, and put forward four dimensions to evaluate the design of the virtual machine monitor. Finally, this paper prospects the next step of virtual machine monitor security reinforcement. |
| Key words: VMM Security reinforcement, virtualization security, TCB |
