Analysis of the Intel Pentium's Ability to Support a Secure Virtual Machine Monitor

Get BibTex-formatted data

Author

John Scott Robin, Cynthia E. Irvine

Entry type

article

Abstract

A virtual machine monitor (VMM) allows multiple operating systems to run concurrently on virtual machines (VM\'s) on a single hardware platform. Each VM can be treated as an independent operating system platform. A secure VMM would enforce an overarching security policy on its VMs. The potential benefits of a secure VMM for PCs include: a more secure environment, familiar COTS operating systems and applications, and enormous savingfs resulting from the elimination of the need for separate platforms when both high assurance policy enforcement, and COTS software are required. This paper addresses the problem of implementing secure VMMs on the Intel Pentium architecture. The requirements for various types of VMMs reviewed. We report an analysis of the virtualizability of all the approximately 250 instructions of the Intel Pentium platform and address its ability to support a VMM. Concurrentt \"virtualization\" techniques for the Intel Pentium architecture are exxamined and several security problems are identified. An approach to providing a virtalizable hardware base for a highly secure VMM is discussed.

Key alpha

Robin

Affiliation

U.S. Air Force, Naval Postgraduate School

Publication Date

2001-01-01

Keywords

Virtual Machine Monitor

Language

English

Location

A hard-copy of this is in the Papers Cabinet

Subject

Virtual Machine Monitor

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.

@Article{ Robin,
	title = "Analysis of the Intel Pentium's Ability to Support a Secure Virtual Machine Monitor",
	author = "John Scott Robin, Cynthia E. Irvine",
	abstract = "A virtual machine monitor (VMM) allows multiple operating systems to run concurrently on virtual machines (VM\'s) on a single hardware platform.  Each VM can be treated as an independent operating system platform.  A secure VMM would enforce an overarching security policy on its VMs.
The potential benefits of a secure VMM for PCs include: a more secure environment, familiar COTS operating systems and applications, and enormous savingfs resulting from the elimination of the need for separate platforms when both high assurance policy enforcement, and COTS software are required.
This paper addresses the problem of implementing secure VMMs on the Intel Pentium architecture.  The requirements for various types of VMMs reviewed. We report an analysis of the virtualizability of all the approximately 250 instructions of the Intel Pentium platform and address its ability to support a VMM.  Concurrentt \"virtualization\" techniques for the Intel Pentium architecture are exxamined and several security problems are identified.  An approach to providing a virtalizable hardware base for a highly secure VMM is discussed.
",
	affiliation = "U.S. Air Force, Naval Postgraduate School",
	keywords = "Virtual Machine Monitor ",
	language = "English",
	subject = "Virtual Machine Monitor",
}