Analyzing the Intel Pentium's capability to support a secure virtual machine monitor
Robin, John Scott.
MetadataShow full item record
This thesis addresses the problem of implementing secure virtual machine monitors (VMM) on the Intel Pentium architecture. A VMM allows multiple operating systems to run concurrently under virtual machines on a single workstation. High-assurance VMMs could allow complete isolation of, or data sharing between, virtual machines according to a security policy such as a mandatory secrecy policy. The Intel architecture was mapped to a set of hardware requirements for VMMs. It was found that the Intel architecture was not virtualizable. However, several techniques are presented that allow the Intel architecture to support a virtual VMM. A commercial virtual VMM was studied and found to be unable to support secure VMMs. Therefore, a foundation upon which a secure VMM could be built for the Intel Pentium architecture is presented. A secure VMM for the Intel architecture offers several benefits. First, PC users could work in a more secure environment. Second, PC users could run familiar COTS operating systems and applications. Finally, secure VMMs could save the DoD millions of dollars by eliminating the need for separate systems when both high assurance, and COTS operating systems and applications are required.
Showing items related by title, author, creator and subject.
Karadeniz, Kadir. (2001-03);This thesis explores the Intel IA-64 architecture's capability to support a secure virtual machine monitor. The major mission of a virtual machine monitor is to provide an execution environment identical to the real machine ...
Unalmis, Bugra. (2001-03);Current architectures typically focus on the software-based protection mechanisms rather than hardware for providing protection. In fact, hardware security mechanisms can be critical for the construction of a secure system. ...
Implementation of Intel virtual machine extension root operation on the NPS least privilege separation kernel Martinsen, Jayce G. (Monterey, California. Naval Postgraduate School, 2010-09);A virtual machine monitor (VMM) supports execution of multiple unmodified operating systems in virtual machines (VMs) on one computer. VMM support has been added to the Intel IA 32 architecture. Enforcement of data flow ...