Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
HICSS
2010
IEEE
2010
IEEE
A Virtualization Architecture for In-Depth Kernel Isolation
Recent advances in virtualization technologies have sparked a renewed interest in the use of kernel and process virtualization as a security mechanism to enforce resource isolation and management. Unfortunately, virtualization solutions incur performance overhead. The magnitude of this overhead is directly proportional to the extend of virtualization they offer: full virtualization incurs an additional indirection layer to interface with the ever increasing hardware devices. In this paper, we propose a hypervisor-assisted, microkernel architecture which aims to provide in-depth resource isolation without the performance penalty of full virtualization. To that end, we extend the hypervisor capabilities with a lightweight VMM which enforces “identity context” to all assigned devices for each of the hosted kernels. Furthermore, we separate the control from the data plane for all hardware devices using data memory mapping and modifications of the native device drivers to divert cont...
Real-time TrafficBiometrics | Hardware Devices | HICSS 2010 | Resource Isolation | System Sciences | Virtualization Technologies |
| Added | 03 Jul 2010 |
| Updated | 03 Jul 2010 |
| Type | Conference |
| Year | 2010 |
| Where | HICSS |
| Authors | Jiang Wang, Sameer Niphadkar, Angelos Stavrou, Anup K. Ghosh |
Comments (0)
Researcher Info
|
