Intel virtualization technology

  title={Intel virtualization technology},
  author={Richard Uhlig and Gilbert Portland Neiger and Dion Rodgers and Amy L. Santoni and Fernando C. M. Martins and Andrew V. Anderson and Steven M. Bennett and Alain K{\"a}gi and Felix H. Leung and Larry Smith},
A virtualized system includes a new layer of software, the virtual machine monitor. The VMM's principal role is to arbitrate accesses to the underlying physical host platform's resources so that multiple operating systems (which are guests of the VMM) can share them. The VMM presents to each guest OS a set of virtual platform interfaces that constitute a virtual machine (VM). Once confined to specialized, proprietary, high-end server and mainframe systems, virtualization is now becoming more… 

Figures from this paper

Os-level virtualization and its applications
This dissertation presents a Feather-weight Virtual Machine (FVM), an OS-level virtualization implementation on Windows platform, and shows how to customize the generic FVM framework to accommodate the needs of these applications, and presents experimental results that demonstrate their performance and effectiveness.
A comparison of software and hardware techniques for x86 virtualization
It is found that the hardware support for Virtual Machine Monitors for x86 fails to provide an unambiguous performance advantage for two primary reasons: first, it offers no support for MMU virtualization; second, it fails to co-exist with existing software techniques for MM U virtualization.
Virtualization Techniques: A Methodical Review of XEN and KVM
This paper surveys two main virtualization technologies: Xen and KVM to analyze scalability and performance of the virtualized environment.
Virtualization: Issues, security threats, and solutions
The security considerations and some associated methodologies by which security breaches can occur are explained, recommendations for how virtualized environments can best be protected are offered, and a set of generalized recommendations that can be applied to achieve secure virtualized implementations are offered.
Bringing Virtualization to the x86 Architecture with the Original VMware Workstation
This article describes the historical context, technical challenges, and main implementation techniques used by VMware Workstation to bring virtualization to the x86 architecture in 1999 and shares the key lessons learned from building the original system and from its later evolution.
A Study on System Virtualization Techniques
This paper gives brief overview of x86 virtualization techniques that provides a high level description about virtualization including the concept of a virtual machine monitor (VMM), virtualization properties, and its applications and suggests when and where a desirable technology is appropriate.
Enhancing Trusted Platform Modules with Hardware-Based Virtualization Techniques
  • F. Stumpf, C. Eckert
  • Computer Science
    2008 Second International Conference on Emerging Security Information, Systems and Technologies
  • 2008
This work presents the design of a trusted platform module (TPM) that supports hardware-based virtualization techniques and introduces an additional privilege level that is only used by a virtual machine monitor to issue management commands to the TPM.
Architectural virtualization extensions: A systems perspective
Comparison between security majors in virtual machine and linux containers
The container security has assumed primary importance amongst the researchers today and this paper is inclined towards providing a brief overview about comparisons between security of container and VMs.


Memory resource management in VMware ESX server
Several novel ESX Server mechanisms and policies for managing memory are introduced, including a ballooning technique that reclaims the pages considered least valuable by the operating system running in a virtual machine, and an idle memory tax that achieves efficient memory utilization.
Scale and performance in the Denali isolation kernel
This paper describes the Denali isolation kernel, an operating system architecture that safely multiplexes a large number of untrusted Internet services on shared hardware. Denali's goal is to allow
The Origin of the VM/370 Time-Sharing System
The historical environment, design influences, and goals which shaped the original VM/370 evolved from an experimental operating system designed and built over fifteen years ago are reviewed.
Terra: a virtual machine-based platform for trusted computing
We present a flexible architecture for trusted computing, called Terra, that allows applications with a wide range of security requirements to run simultaneously on commodity hardware. Applications
Hypervisor-based fault tolerance
Protocols to implement a fault-tolerant computing system that augment the hypervisor of a virtual-machine manager and coordinate a primary virtual machine with its backup are described.
ReVirt: enabling intrusion analysis through virtual-machine logging and replay
ReVirt removes the dependency on the target operating system by moving it into a virtual machine and logging below the virtual machine, and enables it to provide arbitrarily detailed observations about what transpired on the system, even in the presence of non-deterministic attacks and executions.
Survey of virtual machine research
The complete instruction-by-instruction simulation of one computer system on a different system is a well-known computing technique. It is often used for software development when a hardware base is
Internet suspend/resume
A new capability for mobile computing that mimics the opening and closing of a laptop, but avoids physical transport of hardware is identified by layering virtual machine technology on a distributed file system.
Virtual Machine Technology: A Bridge From Large Mainframes To Networks Of Small Computers
This paper explores how traditional virtual machine concepts can be extended to networks of cooperating virtual machines running on multiple processors.
A Trusted Open Platform
Microsoft's next-generation secure computing base extends personal computers to offer mechanisms that let high-assurance software protect itself from the operating systems, device drivers, BIOS, and