This paper first introduces some of the core technologies of virtual machine systems and analyzes the applications of virtual machine systems in computer security, along with the new security challenges that virtual machines themselves bring. It then discusses what mandatory access control requires in a virtual machine coalition environment and the defects of existing mandatory access control mechanisms. Based on the BLP model and the CWP model, this paper introduces the BLVC model, which is suitable for virtual machine coalitions, and the DCWP model, which is used to reduce covert channel bandwidth. The VMCC mandatory access control mechanism is then designed by combining these two models. The VMCC mechanism achieves two objectives: one is the control of overt communication between virtual machines, which is handled by BLVC; the other is the management of covert channels between virtual machines, which is handled by the DCWP strategy. The features of VMCC can be summarized as follows: first, it is suitable for virtual machine coalition environments and is not limited to a single physical machine; second, VMCC controls both overt and covert communications; third, the overhead of the VMCC mechanism is small. Based on this access control mechanism, a prototype system is designed and implemented in the XEN virtual machine environment, and the relevant experiment is carried out. At the end of the paper, some prospects and new ideas for access control mechanisms in VM coalitions are proposed.