基于Intel VT-d技术的虚拟机安全隔离研究

资源隔离是计算机安全的一个重要手段,良好的安全隔离使得虚拟机技术成为近年来学术界和工业界的热点。在深入分析Linux环境下Xen完全虚拟化技术理论的基础上,设计了一个基于IntelVT技术的虚拟机安全隔离设计方案。该方案通过安全内存管理（SMM）和安全I/O管理（SIOM）两种手段进行保护,完善了Xen宿主机系统与虚拟机系统之间的安全隔离,为Xen虚拟机在实际的安全隔离环境中的应用提供了较高的安全保障。     

一种虚拟机系统下关于多级安全的强制访问控制框架II:实现

This paper is a continuation of our last paper [1] which describes the theory of Virt-BLP model. Based on Virt-BLP model, this paper implements a mandatory access control (MAC) framework applicable to multi-level security (MLS) in Xen. The Virt-BLP model is the theoretical basis of this MAC framework, and this MAC framework is the implementation of Virt-BLP model. Our last paper focuses on Virt-BLP model, while this paper concentrates on the design and implementation of MAC framework. For there is no MAC framework applicable to MLS in virtual machine system at present, our MAC framework fills the blank by applying Virt-BLP model to Xen, which is better than current researches to guarantee the security of communication between virtual machines (VMs). The experimental results show that our MAC framework is effective to manage the communication between VMs.     

Adaptive Remus: adaptive checkpointing for Xen-based virtual machine replication

With the ever increasing dependence on computers and networks, many systems are required to be continuously available in order to fulfil their mission. Virtualization technology enables high availability to be offered in a convenient, cost-effective manner: with the encapsulation provided by virtual machines (VMs), entire systems can be replicated transparently in software, obviating the need for expensive fault-tolerant hardware. Remus is a VM replication mechanism for the Xen hypervisor that provides high availability despite crash failures. Replication is performed by checkpointing the VM at fixed intervals. However, there is an antagonism between processing and communication regarding the optimal checkpoint interval: while longer intervals benefit processor-intensive applications, shorter intervals favour network-intensive applications. Thus, any chosen interval may not always be suitable for the hosted applications, limiting Remus usage in many scenarios. This work introduces Adaptive Remus, a proposal for adaptive checkpointing in Remus that dynamically adjusts the replication frequency according to the characteristics of running applications. Experimental results indicate that our proposal improves performance for applications that require both processing and communication, without harming applications that use only one type of resource.     

基于Xen的X86虚拟机性能调优

目前针对虚拟机环境的性能测试工具很少，测试主要还停留在运行一些基准测试程序的基础上，对虚拟机性能的调优帮助有限。文章提出了一个Xen虚拟机环境下的性能调试工具Exentrace，介绍了其Lasylog和Smartfilter两大特性。演示了利用Exentrace在不同负载的虚拟机上收集、分析数据。利用这些数据发现并解决了一个关键的性能问题。     

一个基于引用监控机的内核完整性保护方法

运用引用监控机的概念和虚拟机监控器的功能，提出了一种新的保护内核完整性的方法。该方法在虚拟机监控器中增加了引用监控模块，使之成为引用监控机；让客户操作系统内核以非特权模式运行在引用监控机上，使其对某些资源的修改操作必须经过运行于特权模式的引用监控机的验证，从而阻止恶意代码修改内核。与传统的防御恶意代码的方法相比，传统方法只能检测出内核完整性已被破坏，不能阻止恶意代码对内核的修改。     

一个基于虚拟机的日志审计和分析系统

SNARE是Linux操作系统的一个日志审计和分析工具，但它容易受到攻击。提出了一个新的方法被用来保护它免受攻击。运用虚拟机监控器的功能，SNARE被移植到运行在虚拟机监控器Xen上的两个虚拟机中，SNARE的两个主要部分——Linux内核补丁和审计后台进程被分隔而分别放入两个被Xen强隔离的虚拟机。Xen提供了两个虚拟机间共享内存的机制，运用这一机制，运行在一个虚拟机上的Linux内核补丁记录并转移审计日志到运行在另一个虚拟机上的审计后台进程。与传统的SNARE相比，新方法使攻击者毁坏或篡改这些日志更加困难。初步的评估表明这个原型是简单而有效的。     

High performance network virtualization with SR-IOV

Virtualization poses new challenges to I/O performance. The single-root I/O virtualization (SR-IOV) standard allows an I/O device to be shared by multiple Virtual Machines (VMs), without losing performance. We propose a generic virtualization architecture for SR-IOV-capable devices, which can be implemented on multiple Virtual Machine Monitors (VMMs). With the support of our architecture, the SR-IOV-capable device driver is highly portable and agnostic of the underlying VMM. Because the Virtual Function (VF) driver with SR-IOV architecture sticks to hardware and poses a challenge to VM migration, we also propose a dynamic network interface switching (DNIS) scheme to address the migration challenge. Based on our first implementation of the network device driver, we deployed several optimizations to reduce virtualization overhead. Then, we conducted comprehensive experiments to evaluate SR-IOV performance. The results show that SR-IOV can achieve a line rate throughput (9.48 Gbps) and scale network up to 60 VMs, at the cost of only 1.76% additional CPU overhead per VM, without sacrificing throughput and migration.     

DMM:A dynamic memory mapping model for virtual machines

Memory virtualization is an important part in the design of virtual machine monitors(VMM).In this paper,we proposed dynamic memory mapping(DMM) model,a mechanism that allows the VMM to change the mapping between a virtual machine's physical memory and the underlying hardware resource while the virtual machine is running.By utilizing DMM,the VMM can implement many novel memory management policies,such as Demand Paging,Swapping,Ballooning,Memory Sharing and Copy-On-Write,while preserving compatibility with va...     

基于虚拟化平台Xen的内核安全监控方案

虚拟化技术作为云计算的基础架构,其安全性随着云计算的发展越来越受到人们的关注.提出一种针对虚拟机系统内核攻击的入侵检测方案,借助Xen提供的虚拟化平台,来获取虚拟机系统内核运行情况,从而达到监视和防止内核被攻击的目的.该方案可以有效地防御来自动态修改内核代码和内核不变数据结构一类的攻击.     

基于云计算的医学图像流媒体应用研究

提出了基于云计算的医学图像流媒体服务传输系统,此系统将医疗设备和PACS进行整合,将来自于各个医疗设备的图像用扫描仪扫描为数码图像,并以流媒体的形式实时提交给远程服务器端。在云数据库虚拟化存储平台上,用先进的流媒体技术解决了医疗资源共享和高分辨率图像连续存储问题。实验结果表明, 与传统服务器在LAN(Local Area Network)、TANet(Taiwan Academic Network)和家庭网络中使用FTP传输相比,建立的云计算医学图像流媒体服务传输系统的网络传输率分别提高了45.6％、49.4％和8.1％。