Desktop computer systems are pervasively used in home, commercial companies, governments and military settings. They tend to contain increasingly valuable information for personal or/and corporations. Unfortunately, the security facilities that the commodity operating systems provide aren't always adequate for protecting the sensitive data against various attackers. Moreover, the main-streaming commodity operating systems are becoming larger and more complex, which makes the security flaws inevitable in OS software. Unfortunately, traditional approaches are either too complicated to apply or isn't enough functional.In this paper we introduce xCerberus, a light weight hypervisor based on Virtualization Technology(VT), Secure Virtual Machine(SVM) and trusted computing technology. xCerberus could attest the integrity of itself to a remote party. It has an interface to run secure sensitive codes in a special execution environment isolated from the operating system. It also provides low-level data percolation and encryption functions, which are transparent to the guest domain running on the hypervisor. And it resides on removable storage devices, which makes it easy to be deployed. xCerberus is targeted to the x86 platforms that support hardware virtualization technologies, such as vt and svm. Thus it has a wide field of application with good prospects. |