
The Research Of Key Techniques And Application Of Trusted Operating System Based On Virtual Machine Technology

Posted on: 2011-12-26
Degree: Doctor
Type: Dissertation
Country: China
Candidate: Q B Wu
GTID: 1118330341951646
Subject: Computer Science and Technology

Abstract/Summary:
With the development of computer technology, information systems depend more and more on the basic software they are built from. Because the operating system is a critical part of an information system, its dependability is of great importance, especially for the national defense industry and financial institutions. A failure or crash of the operating system may lead to fatal and disastrous consequences. Trusted operating systems have therefore become one of the hot research topics.

The design of traditional operating systems gives little consideration to system dependability, so they cannot meet the requirements of system trustworthiness. At the same time, they cannot fully utilize the features of new hardware. Redesigning a brand-new trusted operating system based on trusted computing concepts is not practical either, mainly because operating systems developed in this way lack adequate ready-to-use applications and device drivers, and so cannot support information systems well.

Aiming at the security, reliability and availability problems of traditional operating systems, and building on the technologies accumulated in the previous development of the Kylin operating system, in this paper we study a virtual machine based trusted operating system architecture, highly robust device drivers and runtime monitoring technology. The VMM (Virtual Machine Monitor), a significant basis of our work, is notable for its small code size, isolation and application compatibility. Based on a VMM, we design and implement VTKylin, a trusted operating system prototype. The contributions of this paper include:

1. After a comprehensive analysis and comparison of typical related work, we propose VTOS, a novel virtual machine based trusted operating system model that supports a two-dimension three-mode topology based on virtual CPU technology. We then demonstrate the security of the proposed VTOS model through formal analysis and proof. The results show that VTOS is more secure than a traditional operating system.

2. Based on VTOS, we study integrity protection techniques for trusted operating systems, establish four types of trust measurement mode, and propose a new integrity protection method for trusted operating systems. Test results show that the VTOS integrity protection mechanism is effective.

3. Device drivers play an important role in improving the dependability of traditional operating systems. Based on VTOS, we propose VHarden, a new dependable device driver framework built on virtual machine device driver separation technology. We design IDDPT, an inter-domain double page transfer algorithm, and we propose a memory protection mechanism to support real device driver isolation. Test results show that the VHarden framework can effectively improve the dependability of device drivers.

4. To improve the active protection capability of the trusted operating system, we propose a runtime monitoring method for the VTOS model. It implements user behavior analysis and monitoring at both the instruction level and the process level. For instruction-level behavior monitoring, we design BSISA, a block-based sensitive instruction scan algorithm. For process-level behavior monitoring, we design VHPDS, a VMM-based hidden process detecting strategy that monitors access to memory pages. Tests with typical rootkits show that the proposed runtime monitoring methods can effectively improve the active protection capability of the operating system and can help protect the system from malicious attacks.

5. Based on the Kylin operating system platform, we design Luvalley, a novel virtual machine monitor. With this virtual machine monitor, we design and implement VTKylin, a trusted operating system that can support virtual CPUs from Intel or AMD. Results of the UnixBench, Netperf, Sysbench-OLTP and LTP standard benchmark tests show that the performance of VTKylin is comparable to that of the XenServer and KVM virtual machine systems, but VTKylin is more robust.

The work in this paper is supported by the China National Advanced Science & Technology (863) Plans under Contract No. 2007AA01Z177 and the National Natural Science Foundation of China under Grant No. 90718040. The scientific and engineering ideas proposed in this paper have been applied in the corresponding fields.
Keywords/Search Tags: Virtual Machine, Operating System, Trusted Computing, Isolation Mechanism, Behavior Monitor