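One-Way Isolation Execution Model Based on Hardware Virtualization
Cite this article: LI Xiao-Qing, ZHAO Xiao-Dong, ZENG Qing-Kai. One-Way Isolation Execution Model Based on Hardware Virtualization [J]. Journal of Software, 2012, 23(8): 2207-2222.
Authors: LI Xiao-Qing  ZHAO Xiao-Dong  ZENG Qing-Kai
Affiliations: State Key Laboratory for Novel Software Technology (Nanjing University), Nanjing 210093, Jiangsu; Department of Computer Science and Technology, Nanjing University, Nanjing 210093, Jiangsu
Funding: National Natural Science Foundation of China; National Key Technology R&D Program; Specialized Research Fund for the Doctoral Program of Higher Education; Jiangsu Provincial Science and Technology Support Program
Abstract: This paper proposes a one-way isolation execution model based on hardware virtualization. In this model, a security-related application can be split, according to its own needs, into two parts: a host process and a security sensitive module (SSM). The isolated executor (SSMVisor), the core component of the model, provides the SSM with a one-way isolated execution environment, which both ensures security and allows the SSM to interact with the outside through function calls. The trusted computing base (TCB) of a security application consists only of the security sensitive module and the isolated executor; it no longer includes the application's security-irrelevant modules or the operating system, which effectively reduces the size of the TCB. The prototype system remains compatible with the existing operating system environment while keeping the implementation lightweight. Experimental results show that the system's performance overhead is slight, about 6.5%.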

Keywords: isolation execution  hardware virtualization  security sensitive module  trusted computing base
Received: 2011/5/16
Revised: 2011/7/21

One-Way Isolation Execution Model Based on Hardware Virtualization
LI Xiao-Qing, ZHAO Xiao-Dong and ZENG Qing-Kai. One-Way Isolation Execution Model Based on Hardware Virtualization [J]. Journal of Software, 2012, 23(8): 2207-2222.
Authors: LI Xiao-Qing, ZHAO Xiao-Dong and ZENG Qing-Kai
Affiliation: 1. State Key Laboratory for Novel Software Technology (Nanjing University), Nanjing 210093, China; 2. Department of Computer Science and Technology, Nanjing University, Nanjing 210093, China
Abstract: A one-way isolation execution model based on hardware virtualization is proposed. In this model, a security application can be divided, according to its own requirements, into two parts: a host process and a security sensitive module (SSM). The isolated execution manager, named SSMVisor, is the core component of the model and provides a one-way isolation execution environment for SSMs, which both ensures security and allows SSMs to call outside functions. Because the security application's trusted computing base (TCB) includes only the SSMs and SSMVisor, without the operating system or the security-unrelated modules of the application, the size of the TCB is reduced effectively. The prototype system is both compatible with the original operating system and lightweight. Experimental results show that the performance overhead of the prototype system is very low, about 6.5%.
Keywords: isolation execution  hardware virtualization  security sensitive module  TCB (trusted computing base)
This article is indexed in CNKI, Wanfang Data and other databases.