| Operating system is the infrastructure for the software system, so the study on the operating system security has great significance. Virtual machine technology is of great value in building trusted operating system, as a result many trusted operating systems based on virtual machine technology have been proposed to enhance the security of the operating system. But unlike traditional trusted operating system, current study has focused more on how to provide the mechanism for the execution of trusted-application under virtual machine environment. This paper focuses on the process of the trusted-application execution based on virtual machine environment and its key techniques.To address the problem that normally the virtual machine technology does not provide well-defined support for the trusted-application execution, this paper proposes VTAE (VMM-Based Trusted-Application Execution) model and propose Cross-Domain Service Execution mechanism. With consideration to its application background, this paper proposes two types of cross-domain service that is Cross-Domain Application Start Service and Cross-Domain Procedure Call Service. Through proper module definition for VTAE model, this paper designs the workflow of cross-domain service based on the security level judgment.Inter-VM communication mechanism is the basic support mechanism in supporting the process of the trusted-application execution. In order to meet the requirement of performance and security, this paper designs the inter-VM communication mechanism which features low-latency and multi-level security. The communication mechanism introduced in this paper facilitates the low-level mechanism provided by VMM which is Page-Copy for data transfer and Virtual-Interrupt for event notification across domain. On top of the basic mechanism designs the IVTP(Inter-VM Transmission Protocol) protocol for the inter-VM communication which provides support for inter-process communication across domain. With consideration to secure data transit across domain, this paper adopts a restricted access method based on the security level.The service collaboration is the key method for the putting into practical use of VTAE system. In order to solve the difficulties in service collaboration, this paper provides Inter-VM Service Collaboration Technology. It proposes the method of separating the application running in different domain according to their security level. It provides the calling and executing method of cross-domain service which adopts an access control method based on the security level. It also proposes the method for managing the cross-domain service executing which provides a method for querying and controlling the statues of the running process of service execution, and provides the resource recycling method which prevent memory leak in a synchronous executing of cross-domain service.In the end, this paper build a prototype system for VTAE model under KVM virtualization platform which conforms to the two types of the cross-domain service defined in early parts of this paper. And evaluate the performance of VTAE system. The result shows that the performance overhead between the cross-domain service execution and the local-domain service execution is comparatively small.The work in this paper is supported by China National Advanced Science & Technology (863) Plans under Contract No. 2007AA01Z177. The proposed scientific and engineering ideas in this paper have been applied into corresponding fields. |
PDF Full Text Request