PIGA-Virt: An Advanced Distributed MAC Protection of Virtual Systems
Efficient Mandatory Access Control of Virtual Machines remains an open problem for protecting efficiently Cloud Systems. For example, the MAC protection must allow some information flows between two virtual machines while preventing other information flows between those two machines. For solving these problems, the virtual environment must guarantee an in-depth protection in order to control the information flows that starts in a Virtual Machine (vm) and finishes in another one. In contrast with existing MAC approaches, PIGA-Virt is a MAC protection controlling the different levels of a virtual system. It eases the management of the required security objectives. The PIGA-Virt approach guarantees the required security objectives while controlling efficiently the information flows. PIGA-Virt supports a large range of predefined protection canvas whose efficiency has been demonstrated during the ANR Sec&Si security challenge. The paper shows how the PIGA-Virt approach guarantees advanced confidentiality and integrity properties by controlling complex combinations of transitive information flows passing through intermediate resources. As far as we know, PIGA-Virt is the first operational solution providing in-depth MAC protection, addressing advanced security requirements and controlling efficiently information flows inside and between virtual machines. Moreover, the solution is independent of the underlying hypervisor. Performances and protection scenarios are given for protecting KVM virtual machines.
KeywordsCloud Computing Virtual Machine Illegal Activity Security Property Covert Channel
Unable to display preview. Download preview PDF.
- 1.BitVisor 1.1 Reference Manual (2010), http://www.bitvisor.org/
- 5.Briffaut, C.T.J., Peres, M.: A dynamic end-to-end security for coordinating multiple protections within a linux desktop. In: Proceedings of the 2010 IEEE Workshop on Collaboration and Security (COLSEC 2010), pp. 509–515. IEEE Computer Society, Chicago (2010)Google Scholar
- 6.Loscocco, P.A., Smalley, S.D., Muckelbauer, P.A., Taylor, R.C., Turner, S.J., Farrell, J.F.: The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments. In: Proceedings of the 21st National Information Systems Security Conference, Arlington, Virginia, USA, pp. 303–314 (October 1998)Google Scholar
- 7.McCune, J.M., Jaeger, T., Berger, S., Caceres, R., Sailer, R.: Shamon: A system for distributed mandatory access control. In: Proceedings of the 22nd Annual Computer Security Applications Conference, pp. 23–32. IEEE Computer Society, Washington, DC (2006)Google Scholar
- 12.Sailer, R., Jaeger, T., Valdez, E., Caceres, R., Perez, R., Berger, S., Griffin, J.L., Van Doorn, L., Center, I.B.M.T.J.W.R., Hawthorne, N.Y.: Building a MAC-based security architecture for the Xen open-source hypervisor. In: 21st Annual Computer Security Applications Conference, p. 10 (2005)Google Scholar
- 14.Wojtczuk, R.: Subverting the Xen hypervisor. BlackHat USA (2008)Google Scholar