Bit visor: A thin hypervisor for enforcing i/o device security

Takahiro Shinagawa, Hideki Eiraku, Kouichi Tanimoto, Kazumasa Omote, Shoichi Hasegawa, Takashi Horie, Manabu Hirano, Kenichi Kourai, Yoshihiro Oyama, Eiji Kawai, Kenji Kono, Shigeru Chiba, Yasushi Shinjo, Kazuhiko Kato

Research output: Chapter in Book/Report/Conference proceedingConference contribution

117 Citations (Scopus)

Abstract

Virtual machine monitors (VMMs), including hypervisors, are a popular platform for implementing various security functionalities. However, traditional VMMs require numerous components for providing virtual hardware devices and for sharing and protecting system resources among virtual machines (VMs), enlarging the code size of and reducing the reliability of the VMMs. This paper introduces a hypervisor architecture, called parapassthrough, designed to minimize the code size of hypervisors by allowing most of the I/O access from the guest operating system (OS) to pass-through the hypervisor, while the minimum access necessary to implement security functionalities is completely mediated by the hypervisor. This architecture uses device drivers of the guest OS to handle devices, thereby reducing the size of components in the hypervisor to provide virtual devices. This architecture also allows to run only single VM on it, eliminating the components for sharing and protecting system resources among VMs. We implemented a hypervisor called BitVisor and a parapass-through driver for enforcing storage encryption of ATA devices based on the parapass-through architecture. The experimental result reveals that the hypervisor and ATA driver require approximately 20 kilo lines of code (KLOC) and 1.4 KLOC respectively.

Original languageEnglish
Title of host publicationProceedings of the 2009 ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, VEE'09
Pages121-130
Number of pages10
DOIs
Publication statusPublished - 2009
Event2009 ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, VEE'09 - Washington, DC, United States
Duration: 2009 Mar 112009 Mar 13

Other

Other2009 ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, VEE'09
CountryUnited States
CityWashington, DC
Period09/3/1109/3/13

Fingerprint

Computer hardware
Cryptography
Virtual machine
Computer systems

Keywords

  • Hypervisors
  • Parapass-through
  • Shadow DMA descriptor
  • Trusted computing base
  • Virtual machine monitors

ASJC Scopus subject areas

  • Artificial Intelligence
  • Software

Cite this

Shinagawa, T., Eiraku, H., Tanimoto, K., Omote, K., Hasegawa, S., Horie, T., ... Kato, K. (2009). Bit visor: A thin hypervisor for enforcing i/o device security. In Proceedings of the 2009 ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, VEE'09 (pp. 121-130) https://doi.org/10.1145/1508293.1508311

Bit visor : A thin hypervisor for enforcing i/o device security. / Shinagawa, Takahiro; Eiraku, Hideki; Tanimoto, Kouichi; Omote, Kazumasa; Hasegawa, Shoichi; Horie, Takashi; Hirano, Manabu; Kourai, Kenichi; Oyama, Yoshihiro; Kawai, Eiji; Kono, Kenji; Chiba, Shigeru; Shinjo, Yasushi; Kato, Kazuhiko.

Proceedings of the 2009 ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, VEE'09. 2009. p. 121-130.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Shinagawa, T, Eiraku, H, Tanimoto, K, Omote, K, Hasegawa, S, Horie, T, Hirano, M, Kourai, K, Oyama, Y, Kawai, E, Kono, K, Chiba, S, Shinjo, Y & Kato, K 2009, Bit visor: A thin hypervisor for enforcing i/o device security. in Proceedings of the 2009 ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, VEE'09. pp. 121-130, 2009 ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, VEE'09, Washington, DC, United States, 09/3/11. https://doi.org/10.1145/1508293.1508311
Shinagawa T, Eiraku H, Tanimoto K, Omote K, Hasegawa S, Horie T et al. Bit visor: A thin hypervisor for enforcing i/o device security. In Proceedings of the 2009 ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, VEE'09. 2009. p. 121-130 https://doi.org/10.1145/1508293.1508311
Shinagawa, Takahiro ; Eiraku, Hideki ; Tanimoto, Kouichi ; Omote, Kazumasa ; Hasegawa, Shoichi ; Horie, Takashi ; Hirano, Manabu ; Kourai, Kenichi ; Oyama, Yoshihiro ; Kawai, Eiji ; Kono, Kenji ; Chiba, Shigeru ; Shinjo, Yasushi ; Kato, Kazuhiko. / Bit visor : A thin hypervisor for enforcing i/o device security. Proceedings of the 2009 ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, VEE'09. 2009. pp. 121-130
@inproceedings{64025eec889b4861a335f8eff320348c,
title = "Bit visor: A thin hypervisor for enforcing i/o device security",
abstract = "Virtual machine monitors (VMMs), including hypervisors, are a popular platform for implementing various security functionalities. However, traditional VMMs require numerous components for providing virtual hardware devices and for sharing and protecting system resources among virtual machines (VMs), enlarging the code size of and reducing the reliability of the VMMs. This paper introduces a hypervisor architecture, called parapassthrough, designed to minimize the code size of hypervisors by allowing most of the I/O access from the guest operating system (OS) to pass-through the hypervisor, while the minimum access necessary to implement security functionalities is completely mediated by the hypervisor. This architecture uses device drivers of the guest OS to handle devices, thereby reducing the size of components in the hypervisor to provide virtual devices. This architecture also allows to run only single VM on it, eliminating the components for sharing and protecting system resources among VMs. We implemented a hypervisor called BitVisor and a parapass-through driver for enforcing storage encryption of ATA devices based on the parapass-through architecture. The experimental result reveals that the hypervisor and ATA driver require approximately 20 kilo lines of code (KLOC) and 1.4 KLOC respectively.",
keywords = "Hypervisors, Parapass-through, Shadow DMA descriptor, Trusted computing base, Virtual machine monitors",
author = "Takahiro Shinagawa and Hideki Eiraku and Kouichi Tanimoto and Kazumasa Omote and Shoichi Hasegawa and Takashi Horie and Manabu Hirano and Kenichi Kourai and Yoshihiro Oyama and Eiji Kawai and Kenji Kono and Shigeru Chiba and Yasushi Shinjo and Kazuhiko Kato",
year = "2009",
doi = "10.1145/1508293.1508311",
language = "English",
isbn = "9781605583754",
pages = "121--130",
booktitle = "Proceedings of the 2009 ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, VEE'09",

}

TY - GEN

T1 - Bit visor

T2 - A thin hypervisor for enforcing i/o device security

AU - Shinagawa, Takahiro

AU - Eiraku, Hideki

AU - Tanimoto, Kouichi

AU - Omote, Kazumasa

AU - Hasegawa, Shoichi

AU - Horie, Takashi

AU - Hirano, Manabu

AU - Kourai, Kenichi

AU - Oyama, Yoshihiro

AU - Kawai, Eiji

AU - Kono, Kenji

AU - Chiba, Shigeru

AU - Shinjo, Yasushi

AU - Kato, Kazuhiko

PY - 2009

Y1 - 2009

N2 - Virtual machine monitors (VMMs), including hypervisors, are a popular platform for implementing various security functionalities. However, traditional VMMs require numerous components for providing virtual hardware devices and for sharing and protecting system resources among virtual machines (VMs), enlarging the code size of and reducing the reliability of the VMMs. This paper introduces a hypervisor architecture, called parapassthrough, designed to minimize the code size of hypervisors by allowing most of the I/O access from the guest operating system (OS) to pass-through the hypervisor, while the minimum access necessary to implement security functionalities is completely mediated by the hypervisor. This architecture uses device drivers of the guest OS to handle devices, thereby reducing the size of components in the hypervisor to provide virtual devices. This architecture also allows to run only single VM on it, eliminating the components for sharing and protecting system resources among VMs. We implemented a hypervisor called BitVisor and a parapass-through driver for enforcing storage encryption of ATA devices based on the parapass-through architecture. The experimental result reveals that the hypervisor and ATA driver require approximately 20 kilo lines of code (KLOC) and 1.4 KLOC respectively.

AB - Virtual machine monitors (VMMs), including hypervisors, are a popular platform for implementing various security functionalities. However, traditional VMMs require numerous components for providing virtual hardware devices and for sharing and protecting system resources among virtual machines (VMs), enlarging the code size of and reducing the reliability of the VMMs. This paper introduces a hypervisor architecture, called parapassthrough, designed to minimize the code size of hypervisors by allowing most of the I/O access from the guest operating system (OS) to pass-through the hypervisor, while the minimum access necessary to implement security functionalities is completely mediated by the hypervisor. This architecture uses device drivers of the guest OS to handle devices, thereby reducing the size of components in the hypervisor to provide virtual devices. This architecture also allows to run only single VM on it, eliminating the components for sharing and protecting system resources among VMs. We implemented a hypervisor called BitVisor and a parapass-through driver for enforcing storage encryption of ATA devices based on the parapass-through architecture. The experimental result reveals that the hypervisor and ATA driver require approximately 20 kilo lines of code (KLOC) and 1.4 KLOC respectively.

KW - Hypervisors

KW - Parapass-through

KW - Shadow DMA descriptor

KW - Trusted computing base

KW - Virtual machine monitors

UR - http://www.scopus.com/inward/record.url?scp=67650079952&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=67650079952&partnerID=8YFLogxK

U2 - 10.1145/1508293.1508311

DO - 10.1145/1508293.1508311

M3 - Conference contribution

AN - SCOPUS:67650079952

SN - 9781605583754

SP - 121

EP - 130

BT - Proceedings of the 2009 ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, VEE'09

ER -