A cloud architecture for protecting guest's information from malicious operators with memory management

Abstract

We introduce a novel cloud computing architecture that ensures privacy for the guest's information and computation. In conventional cloud architectures, the protection of the guest's information was ensured only by a security policy proposed by the provider. This enabled malicious operators to steal or modify the guest's information. Our architecture protects the guest's information from malicious operators with a novel memory management function of the hypervisor. Cloud computing generally relies on virtualization, and the VMM or hypervisor maintains a page table, called the shadow page table, for interposing on the VM's memory accesses. Our hypervisor regulates memory accesses by the management VM by adding an authority bit to the shadow page table entry. Our architecture also prevents theft of the guest's information when it is stored in storage by encrypting data when it leaves memory.

DOI: 10.1145/2557547.2557585

Cite this paper

@inproceedings{Murakami2014ACA, title={A cloud architecture for protecting guest's information from malicious operators with memory management}, author={Koki Murakami and Tsuyoshi Yamada and Rie Shigetomi Yamaguchi and Masahiro Goshima and Shuichi Sakai}, booktitle={CODASPY}, year={2014} }