JUCS - Journal of Universal Computer Science 16(4): 554-576, doi: 10.3217/jucs-016-04-0554
VIMM: Runtime Integrity Measurement of a Virtualized Operating System
expand article infoChun Hui Suen
‡ TU München, München, Germany
Open Access
Abstract
This paper discusses the design of the Virtualization Integrity Measurement Monitor (VIMM) framework, which aims to provide runtime integrity measurement of a virtualized guest OS. Kernel memory and additional hardware state changes are constantly monitored and aggregated into a combined guest OS state, which is reported to a Trusted Platform Module (TPM), thus providing a trusted integrity measurement in runtime. This measurement can then be used for data protection (sealing of secret keys) and remote attestation based on the runtime integrity of the guest OS.
Keywords
security and protection, management