Analysis of the Intel Pentium's Ability to Support a Secure Virtual Machine Monitor
Author
John Scott Robin, Cynthia E. Irvine
Abstract
A virtual machine monitor (VMM) allows multiple operating systems to run concurrently on virtual machines (VM\'s) on a single hardware platform. Each VM can be treated as an independent operating system platform. A secure VMM would enforce an overarching security policy on its VMs.
The potential benefits of a secure VMM for PCs include: a more secure environment, familiar COTS operating systems and applications, and enormous savingfs resulting from the elimination of the need for separate platforms when both high assurance policy enforcement, and COTS software are required.
This paper addresses the problem of implementing secure VMMs on the Intel Pentium architecture. The requirements for various types of VMMs reviewed. We report an analysis of the virtualizability of all the approximately 250 instructions of the Intel Pentium platform and address its ability to support a VMM. Concurrentt \"virtualization\" techniques for the Intel Pentium architecture are exxamined and several security problems are identified. An approach to providing a virtalizable hardware base for a highly secure VMM is discussed.
Affiliation
U.S. Air Force, Naval Postgraduate School
Publication Date
2001-01-01
Keywords
Virtual Machine Monitor
Location
A hard-copy of this is in the Papers Cabinet
Subject
Virtual Machine Monitor