VIMM: Runtime Integrity Measurement of a Virtualized Operating System

Chun Suen

doi:10.3217/jucs-016-04-0554

JUCS - Journal of Universal Computer Science 16(4): 554-576, doi: 10.3217/jucs-016-04-0554

VIMM: Runtime Integrity Measurement of a Virtualized Operating System

Chun Hui Suen^‡

‡ TU München, München, Germany

Corresponding author: Chun Suen ( chunhui.suen@mytum.de )

This article is freely available under the J.UCS Open Content License.

Citation: Suen CH (2010) VIMM: Runtime Integrity Measurement of a Virtualized Operating System. JUCS - Journal of Universal Computer Science 16(4): 554-576. https://doi.org/10.3217/jucs-016-04-0554

Abstract

This paper discusses the design of the Virtualization Integrity Measurement Monitor (VIMM) framework, which aims to provide runtime integrity measurement of a virtualized guest OS. Kernel memory and additional hardware state changes are constantly monitored and aggregated into a combined guest OS state, which is reported to a Trusted Platform Module (TPM), thus providing a trusted integrity measurement in runtime. This measurement can then be used for data protection (sealing of secret keys) and remote attestation based on the runtime integrity of the guest OS.

Keywords

security and protection, management