一种云环境中的虚拟机回滚安全模型
A Security Model for Virtual Machine Rollback in Cloud Environments
DOI: 10.12677/csa.2024.146156, PDF,    科研立项经费支持
作者: 黄 庆, 许阳光:广州市数字政府运营中心,广东 广州;姜文超:广东工业大学计算机学院,广东 广州;代炜琦*:华中科技大学网络空间安全学院,湖北 武汉
关键词: rvTPMTPM云计算虚拟机回滚rvTPM TPM Cloud Computing Virtual Machine Rollback
摘要: 虚拟机(VM)回滚可能会被滥用来对系统发动攻击,导致无论是否使用可信计算技术(TPM),云环境安全问题始终存在,对云计算安全提出严峻挑战。本文报告了在使用TPM环境中和不使用TPM环境中实施成功的攻击实验,分析了导致云安全问题的根本原因,提出一种基于回滚弹性虚拟TPM (rvTPM)的虚拟机回滚安全解决方案。rvTPM基于Xen环境设计实现并测试,实验结果表明:rvTPM在确保虚拟机回滚安全的前提下,不会对云计算环境造成任何明显的性能损失。
Abstract: Virtual machine (VM) rollback may be misused to launch attacks on the system, leading to persistent security problems in cloud environments, regardless of whether Trusted Platform Module (TPM) is utilized or not. This poses a serious challenge to the security of the cloud. This paper reports successful attack experiments conducted in both TPM-enabled and non-TPM-enabled environments, analyzes the fundamental causes of cloud security issues, and proposes a secure solution for virtual machine rollback based on rollback-resilient virtual TPM (rvTPM). rvTPM is designed and implemented based on Xen environments. The experimental results demonstrate that rvTPM provides a secure solution for virtual machine rollback without causing any significant performance degradation in cloud computing environments.
文章引用:黄庆, 许阳光, 姜文超, 代炜琦. 一种云环境中的虚拟机回滚安全模型[J]. 计算机科学与应用, 2024, 14(6): 196-207. https://doi.org/10.12677/csa.2024.146156

参考文献

[1] Chen, P.M. and Noble, B.D. (2001) When Virtual Is Better than Real [Operating System Relocation to Virtual Machines]. Proceedings Eighth Workshop on Hot Topics in Operating Systems, Elmau, 20-22 May 2001, 133-138. [Google Scholar] [CrossRef
[2] Garfinkel, T. and Rosenblum, M. (2005) When Virtual Is Harder than Real: Security Challenges in Virtual Machine Based Computing Environments. Proceedings of the 10th conference on Hot Topics in Operating Systems, Santa Fe, 12-15 June 2005, 20.
[3] Collier, G., Plassman, D. and Pegah, M. (2007) Virtualization’s Next Frontier: Security. Proceedings of the 35th Annual ACM SIGUCCS Fall Conference, Orlando, 7-10 October 2007, 34-36. [Google Scholar] [CrossRef
[4] Pearce, M., Zeadally, S. and Hunt, R. (2013) Virtualization: Issues, Security Threats, and Solutions. ACM Computing Surveys, 45, 1-39. [Google Scholar] [CrossRef
[5] Chen, L., Xian, M., Liu, J. and Wang, H. (2020) Research on Virtualization Security in Cloud Computing. Proceedings of the 2019 International Conference on AI and Big Data Application, Guangzhou, 20-22 December 2019, Article 012027. [Google Scholar] [CrossRef
[6] Zhu, G., Yin, Y., Cai, R. and Li, K. (2017) Detecting Virtualization Specific Vulnerabilities in Cloud Computing Environment. Proceedings of the 2017 IEEE 10th International Conference on Cloud Computing (CLOUD), Honololu, 25-30 June 2017, 743-748. [Google Scholar] [CrossRef
[7] Mahipal, S. and Sharmila, V.C. (2021) Virtual Machine Security Problems and Countermeasures for Improving Quality of Service in Cloud Computing. Proceedings of the 2021 International Conference on Artificial Intelligence and Smart Systems (ICAIS), Coimbatore, 25-27 March 2021, 1319-1324. [Google Scholar] [CrossRef
[8] Mansoor, F., Saghar, K., Agha, S.U., et al. (2023) Virtual Machine’s Network Security. LC International Journal of STEM, 4, 99-127.
[9] Szefer, J. and Lee, R.B. (2012) Architectural Support for Hypervisor-Secure Virtualization. Proceedings of the Seventeenth International Conference on Architectural Support for Programming Languages and Operating Systems, London, 3-7 March 2012, 437-450. [Google Scholar] [CrossRef
[10] Xia, Y., Liu, Y., Chen, H. and Zang, B. (2012) Defending against VM Rollback Attack. Proceedings of the IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN 2012), Boston, 25-28 June 2012, 1-5. [Google Scholar] [CrossRef
[11] Berger, S., Cáceres, R., Goldman, K.A., et al. (2006) vTPM: Virtualizing the Trusted Platform Module. Proceedings of the 15th USENIX Security Symposium, Vancouver, 31 July-4 August 2006, 305-320.
[12] Dunlap, G.W., King, S.T., Cinar, S., Basrai, M.A. and Chen, P.M. (2002) ReVirt: Enabling Intrusion Analysis through Virtual-Machine Logging and Replay. ACM SIGOPS Operating Systems Review, 36, 211-224. [Google Scholar] [CrossRef
[13] Dunlap, G.W., Lucchetti, D.G., Fetterman, M.A. and Chen, P.M. (2008) Execution Replay of Multiprocessor Virtual Machines. Proceedings of the Fourth ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, Seattle, 5-7 March 2008, 121-130. [Google Scholar] [CrossRef
[14] Grobauer, B. and Schreck, T. (2010) Towards Incident Handling in the Cloud: Challenges and Approaches. Proceedings of the 2010 ACM Workshop on Cloud Computing Security Workshop, Chicago, 8 October 2010, 77-86. [Google Scholar] [CrossRef
[15] King, S.T., Dunlap, G.W. and Chen, P.M. (2005) Debugging Operating Systems with Time-Traveling Virtual Machines. Proceedings of the 2005 USENIX Annual Technical Conference, Anaheim, 10-15 April 2005, 1-15.
[16] Liu, H., Jin, H., Liao, X., Hu, L. and Yu, C. (2009) Live Migration of Virtual Machine Based on Full System Trace and Replay. Proceedings of the 18th ACM International Symposium on High Performance Distributed Computing, Garching, 11-13 June 2009, 101-110. [Google Scholar] [CrossRef
[17] Cui, L., Hao, Z., Li, L., et al. (2015) Lightweight Virtual Machine Checkpoint and Rollback for Long-Running Applications. Proceedings of the 15th International Conference on Algorithms and Architectures for Parallel Processing, Zhangjiajie, 18-20 November 2015, 577-596. [Google Scholar] [CrossRef
[18] Parno, B., Lorch, J.R., Douceur, J.R., Mickens, J. and McCune, J.M. (2011) Memoir: Practical State Continuity for Protected Modules. Proceedings of the 2011 IEEE Symposium on Security and Privacy, Oakland, 22-25 May 2011, 379-394. [Google Scholar] [CrossRef
[19] Cui, L., Hao, Z., Peng, Y. and Yun, X. (2017) Piccolo: A Fast and Efficient Rollback System for Virtual Machine Clusters. IEEE Transactions on Parallel and Distributed Systems, 28, 2328-2341. [Google Scholar] [CrossRef
[20] Gofman, M.I., Luo, R., Yang, P. and Gopalan, K. (2011) SPARC: A Security and Privacy Aware Virtual Machinecheckpointing Mechanism. Proceedings of the 10th Annual ACM Workshop on Privacy in the Electronic Society, Chicago, 17 October 2011, 115-124. [Google Scholar] [CrossRef
[21] Goldman, K.A. and Berger, S. (2008) TPM Main Part 3 IBM Commands.
[22] England, P. and Loeser, J. (2008) Para-Virtualized TPM Sharing. Proceedings of the First International Conference on Trusted Computing and Trust in Information Technologies, Villach, 11-12 March 2008, 119-132.
[23] James: Java Apache Mail Enterprise Server (2024)
http://james.apache.org/
[24] Kinney, S.L. (2006) Trusted Platform Module Basics: Using TPM in Embedded Systems. Newnes.
[25] Sarmenta, L.F.G., van Dijk, M., O’Donnell, C.W., Rhodes, J. and Devadas, S. (2006) Virtual Monotonic Counters and Count-Limited Objects Using a TPM without a Trusted OS. Proceedings of the First ACM Workshop on Scalable Trusted Computing, Alexandria, 3 November 2006, 27-42. [Google Scholar] [CrossRef
[26] Trusted Computing Group (2013) TCG PC Client Specific TPM Interface Specification (TIS).
[27] OenSSH.org (2012)
http://www.openssh.org/