virtual machine security
play

Virtual Machine Security CSE497b - Spring 2007 Introduction - PowerPoint PPT Presentation

Jun 11, 2023 •536 likes •777 views

Virtual Machine Security CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/ CSE497b Introduction to Computer (and Network) Security - Spring 2007 - Professor Jaeger 1

  1. Virtual Machine Security CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/ CSE497b Introduction to Computer (and Network) Security - Spring 2007 - Professor Jaeger 1

  2. Operating System Quandary • Q: What is the primary goal of system security? • OS enables multiple users/programs to share resources on a physical device • Q: What happens when we try to enforce Mandatory Access Control policies on UNIX systems • Think SELinux policies • What can we to do to simplify? 2 CSE497b Introduction to Computer (and Network) Security - Spring 2007 - Professor Jaeger

  3. Virtual Machines • Instead of using system software to enable sharing, use system software to enable isolation • Virtualization • “a technique for hiding the physical characteristics of computing resources from the way in which others systems, applications, and end users interact with those resources” • Virtual Machines • Single physical resource can appear as multiple logical resources 3 CSE497b Introduction to Computer (and Network) Security - Spring 2007 - Professor Jaeger

  4. Virtual Machine Architectures • Full system simulation • CPU can be simulated • Paravirtualization (Xen) • VM has a special API • Requires OS changes • Native virtualization (VMWare) • Simulate enough HW to run OS • OS is for same CPU • Application virtualization (JVM) • Application API 4 CSE497b Introduction to Computer (and Network) Security - Spring 2007 - Professor Jaeger

  5. Virtual Machine Types • Type I • Lowest layer of software is VMM • E.g., Xen, VAX VMM, etc. • Type II • Runs on a host operating system • E.g., VMWare, JVM, etc. • Q: What are the trust model issues with Type II compared to Type I? 5 CSE497b Introduction to Computer (and Network) Security - Spring 2007 - Professor Jaeger

  6. VM Security • Isolation of VM computing • Like a separate machine VM VM Guest OS Guest OS Partitioned Device Resources Requests Virtual Machine Monitor Physical Device Controls 6 CSE497b Introduction to Computer (and Network) Security - Spring 2007 - Professor Jaeger

  7. Ensure Protection of VMM • Processor Instructions • Each processor supports an instruction set • Some can only be run privileged mode • i.e., a more privileged ring (ring 0) • Privileged versus Sensitive Instructions • Privileged: only run in ring 0 • Sensitive: read or write privileged state • All sensitive instructions must be privileged • Examples • Page Table Entries: memory accesses • Code Segment Selector read: this register indicates level 7 CSE497b Introduction to Computer (and Network) Security - Spring 2007 - Professor Jaeger

  8. A Proper VMM • Virtualization Requirements • Protect sensitive state • Sensitive instructions must be virtualized (i.e., require privilege) • Access to sensitive data must be virtualized (ditto) • Need to hide virtualization • Systems cannot see that they are being virtualized • I/O Processing • Need to share access to devices correctly • Special driver interface • Self-virtualization: Run VMM as VM • Can’t do this on traditional x86, but now we have VT architecture 8 CSE497b Introduction to Computer (and Network) Security - Spring 2007 - Professor Jaeger

  9. NetTop • Isolated networks of VMs • Alternative to “air gap” security VM: Secret VM: Public VM: Secret VM: Public Guest OS’ Guest OS’ Guest OS’ Guest OS’ VMWare VMWare MLS MLS SELinux Host OS SELinux Host OS 9 CSE497b Introduction to Computer (and Network) Security - Spring 2007 - Professor Jaeger

  10. Xen • Paravirtualized Hypervisor • Privileged VM VM: DomU VM: DomU Guest OS’ Guest OS’ VM Services Partitioned Device Dom 0 Resources Requests Host OS’ Drivers Xen Hypervisor 10 CSE497b Introduction to Computer (and Network) Security - Spring 2007 - Professor Jaeger

  11. Xen sHype • Controlled information flows among VMs VM: DomU VM: DomU Guest OS’ Guest OS’ VM Services Partitioned Device Dom 0 Resources Requests Host OS’ Drivers Ref Xen Hypervisor Mon 11 CSE497b Introduction to Computer (and Network) Security - Spring 2007 - Professor Jaeger

  12. Xen sHype Policies • Type Enforcement over VM communications • VM labels are subjects • VM labels are objects • How do VMs communicate in Xen? • Grant tables: pass pages between VMs • Event channels: notifications (e.g., when to pass pages) • sHype controls these • Q: What about VM communication across systems? 12 CSE497b Introduction to Computer (and Network) Security - Spring 2007 - Professor Jaeger

  13. Xen Security Modules • Comprehensive Reference Monitor interface for Xen • Based on LSM ideas • Includes about 57 “hooks” (more expected) • Supports sHype hooks • Plus, hooks for VM management, resource partitioning • Another aim: Decompose domain 0 • Specialize kernel for privileged operations • E.g., Remove drivers 13 CSE497b Introduction to Computer (and Network) Security - Spring 2007 - Professor Jaeger

  14. VM Security Status • Aim is simplicity • Are we achieving this? • Do we care what happens in the VMs? • When might we care? • Trusted computing base • How does this compare to traditional OS? 14 CSE497b Introduction to Computer (and Network) Security - Spring 2007 - Professor Jaeger

  15. Java Virtual Machine • Interpret Java bytecodes • Machine specification defined by bytecode • On all architectures, run same bytecodes • Write once, run anywhere • Can run multiple programs w/i JVM simultaneously • Different ‘classloaders’ can result in different protection domains • How do we enforce access control? 15 CSE497b Introduction to Computer (and Network) Security - Spring 2007 - Professor Jaeger

  16. Java Security Architecture • Java 1.0: Applets and Applications CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Page 16

  17. Java Security Architecture • Java 1.1: Signed code (trusted remote -- think Authenticode) • Java 1.2: Flexible access control, included in Java 2 CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Page 17

  18. Stack Inspection • Authorize based on protection domains on the stack – Union of all sources • All must have permission CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Page 18

  19. Do Privileged • doPrivileged terminates backtrace • Like setuid, with similar risks CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Page 19

  20. Virtual Machine Threats • How does the insertion of a virtual machine layer change the threats against the system? CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Page 20

  21. Virtual Machine Rootkit • Rootkit – Malicious software installed by an attacker on a system – Enable it to run on each boot • OS Rootkits – Kernel module, signal handler, ... – When the kernel is booted, the module is installed and intercepts user process requests, interrupts, etc. – E.g., keylogger • VM Rootkit – Research project from Michigan and Microsoft – If security service runs in VM, then a rootkit in VMM can evade security – E.g., Can continue to run even if the system appears to be off CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Page 21

  22. Take Away • VM systems focus on isolation • Enable reuse, but limited by security requirements • Enable limited communication • The policies are not trivial, but refer to coarser-grained objects 22 CSE497b Introduction to Computer (and Network) Security - Spring 2007 - Professor Jaeger

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Virtual Machines Appendix D Computer Security: Art and Science, 2 nd Edition Version 1.0 Slide

Virtual Machines Appendix D Computer Security: Art and Science, 2 nd Edition Version 1.0 Slide

Virtual Machines Appendix D Computer Security: Art and Science, 2 nd Edition Version 1.0 Slide D-1 Outline Virtual Machine Structure Virtual Machine Monitor Privilege Physical Resources Paging Computer Security: Art and

218 views • 19 slides
Advanced Systems Security: Virtual Machine Systems Trent Jaeger Systems and Internet

Advanced Systems Security: Virtual Machine Systems Trent Jaeger Systems and Internet

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security: Virtual Machine Systems Trent

783 views • 43 slides
1 Agenda Docker world Containers VS Virtual machine Security concerns Conclusion Whoami

1 Agenda Docker world Containers VS Virtual machine Security concerns Conclusion Whoami

12.03.2019 Docker security 1 Agenda Docker world Containers VS Virtual machine Security concerns Conclusion Whoami M.Sc Computer Security M.Sc Software Development Worked previously as an embedded software developer Actually

586 views • 54 slides
Software Security VMI (Virtual Machine Introspection) / VMM-based Intrusion Prevention Julian

Software Security VMI (Virtual Machine Introspection) / VMM-based Intrusion Prevention Julian

Software Security VMI (Virtual Machine Introspection) / VMM-based Intrusion Prevention Julian Vetter Prof. Jean-Pierre Seifert Security in Telecommunications TU Berlin SoSe 2016 julian (sect) Software Security SoSe 2016 1 / 21

220 views • 21 slides
Virtual Machines What is a Virtual Machine? Java Virtual Machine (Application Virtualization)

Virtual Machines What is a Virtual Machine? Java Virtual Machine (Application Virtualization)

Virtual Machines What is a Virtual Machine? Java Virtual Machine (Application Virtualization) Software to simulate hardware Independent Separate Use one piece of hardware to simulate many computers Topics What are

519 views • 22 slides
Security Aware and Energy-Efficient Virtual Machine Consolidation in Cloud Computing Systems

Security Aware and Energy-Efficient Virtual Machine Consolidation in Cloud Computing Systems

Security Aware and Energy-Efficient Virtual Machine Consolidation in Cloud Computing Systems Farhad Ahamed, Seyed Shahrestani and Bahman Javadi School hool of of Comput omputing, ing, Engineer ngineering ing and and Mathema hematics ics

474 views • 18 slides
An Online Virtual Machine Placement Algorithm in an Over-Committed Cloud Siqi Ji*, Ming Da Li,

An Online Virtual Machine Placement Algorithm in an Over-Committed Cloud Siqi Ji*, Ming Da Li,

IC2E18 An Online Virtual Machine Placement Algorithm in an Over-Committed Cloud Siqi Ji*, Ming Da Li, Niannian Ji, Baochun Li Virtual Machine Placement Select the most suitable physical machine (PM) to host each virtual machine (VM).

417 views • 13 slides
Virtual Machines Uses for Virtual Machines There are several uses for virtual machines:

Virtual Machines Uses for Virtual Machines There are several uses for virtual machines:

Virtual Machines Uses for Virtual Machines There are several uses for virtual machines: Virtual machine technology, often just called virtualization , makes one computer behave as several Running several operating systems simultaneously on

254 views • 10 slides
The Java Virtual Machine The Java Virtual Machine interpret compile Native Binary Code Michael

The Java Virtual Machine The Java Virtual Machine interpret compile Native Binary Code Michael

Virtual Machines in Compilation Virtual Machines in Compilation Abstract Syntax Tree compile Compilation 2007 Compilation 2007 Virtual Machine Code The Java Virtual Machine The Java Virtual Machine interpret compile Native Binary Code

541 views • 11 slides
A Tor gatewayed platform for everyday use Using a virtual machine stack with its own virtual

A Tor gatewayed platform for everyday use Using a virtual machine stack with its own virtual

http://infinite.barrel-of-knowledge.info/cryptoparty/ (Surface web) https://yhfitd2wvrz3aybh.onion/cryptoparty/ (Deep web) A Tor gatewayed platform for everyday use Using a virtual machine stack with its own virtual LAN with all traffic

629 views • 9 slides
ReVirt Enabling Intrusion Analysis through Virtual Machine Logging and Replay George Dunlap

ReVirt Enabling Intrusion Analysis through Virtual Machine Logging and Replay George Dunlap

ReVirt Enabling Intrusion Analysis through Virtual Machine Logging and Replay George Dunlap Samuel Talmadge King Sukru Cinar Murtaza Basrai Peter M. Chen University of Michigan Introduction: Security

530 views • 34 slides
Virtual Machines Virtual Machines What is a virtual machine? Examples? Benefits?

Virtual Machines Virtual Machines What is a virtual machine? Examples? Benefits?

Virtual Machines Virtual Machines What is a virtual machine? Examples? Benefits? Virtualization Creation of an isomorphism that maps a virtual guest system to a real host: Maps guest state S to host state V(S) For any

271 views • 26 slides
MIPS Virtual what is the Java - what is the JVM ? lecture 25 Machine analogy ? - what is

MIPS Virtual what is the Java - what is the JVM ? lecture 25 Machine analogy ? - what is

MIPS Virtual what is the Java - what is the JVM ? lecture 25 Machine analogy ? - what is Java "byte code" Java Virtual Machine invoked methods and local stack (is it related to MIPS assembly/machine code ?) variables ?

487 views • 4 slides
Virtual Machine Security CSE443 - Spring 2012 Introduction to Computer and Network Security

Virtual Machine Security CSE443 - Spring 2012 Introduction to Computer and Network Security

Virtual Machine Security CSE443 - Spring 2012 Introduction to Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse443-s12/ CSE443 Introduction to Computer (and Network) Security - Spring 2012 - Professor Jaeger 1

489 views • 28 slides
Modern Virtual Machine Performance murphee (Werner Schuster)

Modern Virtual Machine Performance murphee (Werner Schuster)

Modern Virtual Machine Performance murphee (Werner Schuster) http://jroller.com/page/murphee Overview Virtual Machine Myths Myth: Java is interpreted Myth: Native code is always faster than... Myth: Garbage Collection is

265 views • 24 slides
The Unspoken Problems With Machine Learning in Security Noa Weiss Hi! AI & Machine Learning

The Unspoken Problems With Machine Learning in Security Noa Weiss Hi! AI & Machine Learning

The Unspoken Problems With Machine Learning in Security Noa Weiss Hi! AI & Machine Learning Consultant Playing with data for over a decade Risk and Security PayPal, Armis 2 Hi! Deep Voice foundation Leader of

554 views • 54 slides
Bridging the air-gap Out of sight, (but not) out of mind Nemanja Nikodijevic

Bridging the air-gap Out of sight, (but not) out of mind Nemanja Nikodijevic

Bridging the air-gap Out of sight, (but not) out of mind Nemanja Nikodijevic <nemanja@micropsi-industries.com> Agenda Motivation Attack scenario Famous examples Academic research Future attack vectors Nemanja Nikodijevic

595 views • 33 slides
Agent Language for communication between humans and computer agents Find and Share Your self

Agent Language for communication between humans and computer agents Find and Share Your self

Agent Language for communication between humans and computer agents Find and Share Your self with Peer AIGENTS.COM KONT-2015, Anton Kolonin, Aigents Group 1 Internet of Things Agents everywhere Human User KONT-2015, Anton

1k views • 17 slides
Order-Based and Continuous Modal Logics George Metcalfe Mathematical Institute University of

Order-Based and Continuous Modal Logics George Metcalfe Mathematical Institute University of

Order-Based and Continuous Modal Logics George Metcalfe Mathematical Institute University of Bern Joint research with Xavier Caicedo, Denisa Diaconescu, Ricardo Rodr guez, Jonas Rogger, and Laura Schn uriger SYSMICS 2016, Barcelona,

723 views • 71 slides
Modal Logics for Updating, Sharing or Composing St ephane Demri CNRS, LSV, ENS Paris-Saclay

Modal Logics for Updating, Sharing or Composing St ephane Demri CNRS, LSV, ENS Paris-Saclay

Modal Logics for Updating, Sharing or Composing St ephane Demri CNRS, LSV, ENS Paris-Saclay Highlights20, september 2020 The role of updates in non-classical logics Behavioural properties of transition systems expressed in temporal

497 views • 38 slides
NSA Playset: Bridging the Airgap without Radios Speaker Bio @r00tkillah Michael Leibowitz

NSA Playset: Bridging the Airgap without Radios Speaker Bio @r00tkillah Michael Leibowitz

NSA Playset: Bridging the Airgap without Radios Speaker Bio @r00tkillah Michael Leibowitz Day job in product security Froots around with electronics The views expressed.. NOT MY EMPLOYERS! ANT Catalog ANT Catalog NSA Playset:

736 views • 47 slides
Network Security Network design Marcus Bendtsen, Andrei Gurtov Institutionen fr Datavetenskap

Network Security Network design Marcus Bendtsen, Andrei Gurtov Institutionen fr Datavetenskap

Network Security Network design Marcus Bendtsen, Andrei Gurtov Institutionen fr Datavetenskap (IDA) Avdelningen fr Databas- och Informationsteknik (ADIT) 2 Risk Expanding the classical definition of risk: Risk = Threat x Exposure x

1.5k views • 43 slides
DOLPHIN ATTACK GUOMING ZHANG, CHEN YAN PRESENTED BY JACOB BEDNARD WAYNE STATE UNIVERSITY CSC6991

DOLPHIN ATTACK GUOMING ZHANG, CHEN YAN PRESENTED BY JACOB BEDNARD WAYNE STATE UNIVERSITY CSC6991

DOLPHIN ATTACK GUOMING ZHANG, CHEN YAN PRESENTED BY JACOB BEDNARD WAYNE STATE UNIVERSITY CSC6991 Overview Soundwaves and Digital Signal Processing (DSP) Attack Methodology Defense Mechanisms Demonstration Videos Soundwaves and

657 views • 33 slides
Magnetics Design 3.1 Important magnetic equations 3.2 Magnetic losses 3.3 Transformer 3.3.1

Magnetics Design 3.1 Important magnetic equations 3.2 Magnetic losses 3.3 Transformer 3.3.1

Prof. S. Ben-Yaakov , DC-DC Converters [3- 1] Magnetics Design 3.1 Important magnetic equations 3.2 Magnetic losses 3.3 Transformer 3.3.1 Ideal transformer (voltages and currents) 3.3.2 Equivalent circuit of transformer (coupling,

463 views • 24 slides

More recommend