Analysis of Monolithic and Microkernel Architectures: Towards Secure Hypervisor Design

Title: Analysis of Monolithic and Microkernel Architectures: Towards Secure Hypervisor Design
Publication Type: Conference Paper
Year of Publication: 2014
Authors: Shropshire, J.
Conference Name: System Sciences (HICSS), 2014 47th Hawaii International Conference on
Date Published: Jan
Keywords: application program interfaces, attack surface, cloud computing, Computer architecture, ESXi, Hardware, hyper calls, hyper visor security, Hyper-V, hypervisor security, Kernel, management API, micro architecture, micro kernel hyper visor architectures, microkernel architecture, microkernel architectures, Monitoring, monitoring interface, monolithic architecture, monolithic architectures, monolithic hyper visor architectures, networking, secure hyper visor design, security, security of data, security tradeoffs, Virtual machine monitors, Virtual machining, virtualisation, virtualization platform, Xen
Abstract

This research focuses on hypervisor security from a holistic perspective. It centers on hypervisor architecture - the organization of the various subsystems which collectively comprise a virtualization platform. It holds that the path to a secure hypervisor begins with a big-picture focus on architecture. Unfortunately, little research has been conducted with this perspective. This study investigates the impact of monolithic and microkernel hypervisor architectures on the size and scope of the attack surface. Six architectural features are compared: management API, monitoring interface, hypercalls, interrupts, networking, and I/O. These subsystems are core hypervisor components which could be used as attack vectors. Specific examples and three leading hypervisor platforms are referenced (ESXi for monolithic architecture; Xen and Hyper-V for micro architecture). The results describe the relative strengths and vulnerabilities of both types of architectures. It is concluded that neither design is more secure, since both incorporate security tradeoffs in core processes.

URL: https://ieeexplore.ieee.org/document/6759218/
DOI: 10.1109/HICSS.2014.615
Citation Key: 6759218