Executing Secured Virtual Machines within a Manycore Architecture

被引：0

作者：

Devigne, Clement ^{[1
]}

Brejon, Jean-Baptiste ^{[1
]}

Meunier, Quentin ^{[1
]}

Wajsburt, Franck ^{[1
]}

机构：

[1] Univ Paris 06, Univ Sorbonne, CNRS, LIP6,UMR 7606, 4 Pl Jussieu, F-75005 Paris, France

来源：

2015 NORDIC CIRCUITS AND SYSTEMS CONFERENCE (NORCAS) - NORCHIP & INTERNATIONAL SYMPOSIUM ON SYSTEM-ON-CHIP (SOC) | 2015年

关键词：

D O I：

暂无

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

Manycore processors are a way to face the always growing demand in digital data processing. However, by putting closer distinct and possibly private data, they open up to security breaches. This article presents undergoing work aiming at providing security guaranties to different users utilizing different cores in a manycore architecture. The proposed solution is using physical isolation and a hypervisor with minimum rights, although the work described in the paper focuses only on hardware mechanisms. We present a hardware module providing an address translation service allowing to fully virtualize operating systems, while offering advantages compared to a classical memory management unit within our context. Experiments made on a virtual prototype shows that our solution has a low time overhead - typically 3% on average.

引用

页数：4

共 9 条

[1]

[Anonymous], 2003, ACM SIGOPS OPERATING

[2] KVM/ARM: The Design and Implementation of the Linux ARM Hypervisor [J].

Dall, Christoffer ;

Nieh, Jason .

ACM SIGPLAN NOTICES, 2014, 49 (04) :333-347

[3]

Jin S., 2011, MICRO 44

[4]

Kivity Avi, 2007, P 2007 OTT LIN S OLS

[5]

LIP6 Lab-STICC LabHC and CEA-LIST, HARDW SOFTW MANAGEME

[6]

Neiger G., 2006, Intel Technology Journal, V10, P167

[7]

Ranger C., 2007, HIGH PERFORMANCE COM

[8]

Seongwook Jin, 2011, 2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks Workshops (DSN-W), P217, DOI 10.1109/DSNW.2011.5958816

[9]

WOO SC, 1995, ACM COMP AR, P24, DOI 10.1109/ISCA.1995.524546

← 1 →