Terra

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Terra: a virtual machine-based platform for trusted computing

Full text

Pdf (140 KB)

Source

ACM Symposium on Operating Systems Principles archive
Proceedings of the nineteenth ACM symposium on Operating systems principles table of contents

Bolton Landing, NY, USA

SESSION: Virtual machine monitors table of contents

Pages: 193 - 206

Year of Publication: 2003

ISBN:1-58113-757-5

Also published in ...

Authors

Tal Garfinkel	Stanford University
Ben Pfaff	Stanford University
Jim Chow	Stanford University
Mendel Rosenblum	Stanford University
Dan Boneh	Stanford University

Sponsors

SIGOPS: ACM Special Interest Group on Operating Systems
ACM: Association for Computing Machinery

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 83, Downloads (12 Months): 507, Citation Count: 86

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/945445.945464 What is a DOI?

ABSTRACT

We present a flexible architecture for trusted computing, called Terra, that allows applications with a wide range of security requirements to run simultaneously on commodity hardware. Applications on Terra enjoy the semantics of running on a separate, dedicated, tamper-resistant hardware platform, while retaining the ability to run side-by-side with normal applications on a general-purpose computing platform. Terra achieves this synthesis by use of a trusted virtual machine monitor (TVMM) that partitions a tamper-resistant hardware platform into multiple, isolated virtual machines (VM), providing the appearance of multiple boxes on a single, general-purpose platform. To each VM, the TVMM provides the semantics of either an "open box," i.e. a general-purpose hardware platform like today's PCs and workstations, or a "closed box," an opaque special-purpose platform that protects the privacy and integrity of its contents like today's game consoles and cellular phones. The software stack in each VM can be tailored from the hardware interface up to meet the security requirements of its application(s). The hardware and TVMM can act as a trusted party to allow closed-box VMs to cryptographically identify the software they run, i.e. what is in the box, to remote parties. We explore the strengths and limitations of this architecture by describing our prototype implementation and several applications that we developed for it.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	IBM mainframe servers: Case studies. http://www-1.ibm.com/servers/eserver/zseries/library/casestudies/.
	2	IP security protocol (IPsec) charter. http://www.ietf.org/html.charters/ipsec-charter.html.
	3	Security: IBM zSeries partitioning achieves highest certification. http://www-1.ibm.com/servers/eserver/zseries/security/certification.html, December 2002.
	4	Microsoft next-generation secure computing base---technical FAQ. http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/NGSCB.asp , February 2003.
	5	R. Anderson. Cryptography and competition policy: Issues with trusted computing. In Proc. Workshop on Economics and Info. Sec., pages 1--11, May 2003.
	6	R. Anderson and M. Kuhn. Tamper resistance---A cautionary note. In Proc. 2nd USENIX Workshop on Electronic Commerce, pages 1--11, Nov. 1996.
	7	W. A. Arbaugh , D. J. Farber , J. M. Smith, A secure and reliable bootstrap architecture, Proceedings of the 1997 IEEE Symposium on Security and Privacy, p.65, May 04-07, 1997
	8	Ken Ashcraft , Dawson Engler, Using Programmer-Written Compiler Extensions to Catch Security Holes, Proceedings of the 2002 IEEE Symposium on Security and Privacy, p.143, May 12-15, 2002
	9	Giuseppe Ateniese , Jan Camenisch , Marc Joye , Gene Tsudik, A Practical and Provably Secure Coalition-Resistant Group Signature Scheme, Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology, p.255-270, August 20-24, 2000
	10	M. Bellare, R. Canetti, and H. Krawczyk. Message authentication using hash functions---the HMAC construction. CryptoBytes, 2(1), Spring 1996.
	11	B. N. Bershad , S. Savage , P. Pardyak , E. G. Sirer , M. E. Fiuczynski , D. Becker , C. Chambers , S. Eggers, Extensibility safety and performance in the SPIN operating system, Proceedings of the fifteenth ACM symposium on Operating systems principles, p.267-283, December 03-06, 1995, Copper Mountain, Colorado, United States
	12	Edouard Bugnion , Scott Devine , Mendel Rosenblum, Disco: running commodity operating systems on scalable multiprocessors, Proceedings of the sixteenth ACM symposium on Operating systems principles, p.143-156, October 05-08, 1997, Saint Malo, France
	13	A. Carroll, M. Juarez, J. Polk, and T. Leininger. Microsoft Palladium: A business overview. http://www.microsoft.com/PressPass/features/2002/jul02/0724palladiumwp.asp, August 2002.
	14	D. Chaum and E. V. Heyst. Group signatures. Advances in Cryptology, Eurocrypt '91, 547:257--265, 1991. Springer-Verlag Lecture Notes on Computer Science.
	15	Peter M. Chen , Brian D. Noble, When Virtual Is Better Than Real, Proceedings of the Eighth Workshop on Hot Topics in Operating Systems, p.133, May 20-22, 2001
	16	Andy Chou , Junfeng Yang , Benjamin Chelf , Seth Hallem , Dawson Engler, An empirical study of operating systems errors, Proceedings of the eighteenth ACM symposium on Operating systems principles, October 21-24, 2001, Banff, Alberta, Canada
	17	R. J. Creasy. The origin of the VM/370 time-sharing system. IBM J. Research and Development, 25(5):483--490, September 1981.
	18	P. Cummings, D. Fullan, M. Goldstien, M. Gosse, J. Picciotto, J. Woodward, and J. Wynn. Compartmented model workstation: Results through prototyping. In Proc. IEEE Symp. Sec. and Privacy, pages 27 -- 29, April 1987.
	19	DarkNova. Interview with an aimbot coder. http://www.lamerkatz.com/webvoid/issue7/1.shtml.
	20	J. J. Donovan and S. E. Madnick. Hierarchical approach to computer system integrity. IBM Sys. J., 14(2):188--202, 1975.
	21	George W. Dunlap , Samuel T. King , Sukru Cinar , Murtaza A. Basrai , Peter M. Chen, ReVirt: enabling intrusion analysis through virtual-machine logging and replay, Proceedings of the 5th symposium on Operating systems design and implementation Due to copyright restrictions we are not able to make the PDFs for this conference available for downloading , December 09-11, 2002, Boston, Massachusetts [doi>10.1145/1060289.1060309]
	22	Joan G. Dyer , Mark Lindemann , Ronald Perez , Reiner Sailer , Leendert van Doorn , Sean W. Smith , Steve Weingart, Building the IBM 4758 Secure Coprocessor, Computer, v.34 n.10, p.57-66, October 2001 [doi>10.1109/2.955100]
	23	P. England. Personal communication.
	24	D. R. Engler , M. F. Kaashoek , J. O'Toole, Jr., Exokernel: an operating system architecture for application-level resource management, Proceedings of the fifteenth ACM symposium on Operating systems principles, p.251-266, December 03-06, 1995, Copper Mountain, Colorado, United States
	25	Paul England , Butler Lampson , John Manferdelli , Marcus Peinado , Bryan Willman, A Trusted Open Platform, Computer, v.36 n.7, p.55-62, July 2003 [doi>10.1109/MC.2003.1212691]
	26	Flocutus. The ultimative Quake cheating page: Illegitimate cheats. http://www.gamescenter.de/uqc/illegal.htm.
	27	T. Garfinkel and M. Rosenblum. A virtual machine introspection based architecture for intrusion detection. In Proc. Net. and Distributed Sys. Sec. Symp., February 2003.
	28	T. Garfinkel, M. Rosenblum, and D. Boneh. A Broader Vision for Trusted Computing. In 9th Workshop on Hot Topics in Operating Sys. (HotOS-IX), May 2003.
	29	M. Gasser, A. Goldstein, C. Kaufman, and B. Lampson. The digital distributed system security architecture. In Proc. 12th NIST-NCSC Nat'l Comp. Sec. Conf., pages 305--319, 1989.
	30	B. Gold, R. Linde, R. J. Peller, M. Schaefer, J. Scheid, and P. D. Ward. A security retrofit for VM/370. In AFIPS Natl. Comp. Conf., volume 48, pages 335--344, June 1979.
	31	B. Gold, R. Linde, R. J. Peller, M. Schaefer, J. Scheid, and P. D. Ward. A security retrofit for VM/370. In AFIPS Natl. Comp. Conf., volume 48, pages 335--344, June 1979.
	32	R. Goldberg. Architectural Principles for Virtual Computer Systems. PhD thesis, Harvard University, 1972.
	33	R. Goldberg. Survey of virtual machine research. IEEE Computer Magazine, 7:34--45, June 1974.
	34	R. Howworth. Virtual servers pay off. IT Week, March 2003.
	35	I. id Software. Quake. http://www.idsoftware.com/games/quake/.
	36	A. Iliev and S. Smith. Prototyping an armored data vault: Rights management on Big Brother's computer. Privacy-Enhancing Technology, 2002. Springer-Verlag Lecture Notes on Computer Science.
	37	G. Jain. Certificate revocation: A survey. http://www.cis.upenn.edu/~jaing/papers/.
	38	Paul A. Karger , Mary Ellen Zurko , Douglas W. Bonin , Andrew H. Mason , Clifford E. Kahn, A Retrospective on the VAX VMM Security Kernel, IEEE Transactions on Software Engineering, v.17 n.11, p.1147-1165, November 1991 [doi>10.1109/32.106971]
	39	Butler Lampson , Martín Abadi , Michael Burrows , Edward Wobber, Authentication in distributed systems: theory and practice, ACM Transactions on Computer Systems (TOCS), v.10 n.4, p.265-310, Nov. 1992 [doi>10.1145/138873.138874]
	40	B. Leslie and G. Heiser. Towards untrusted device drivers. Technical Report 0303, University of New South Whales, March 2003.
	41	David Lie Chandramohan Thekkath , Mark Mitchell , Patrick Lincoln , Dan Boneh , John Mitchell , Mark Horowitz, Architectural support for copy and tamper resistant software, Proceedings of the ninth international conference on Architectural support for programming languages and operating systems, p.168-177, November 2000, Cambridge, Massachusetts, United States
	42	J. Liedtke, On micro-kernel construction, Proceedings of the fifteenth ACM symposium on Operating systems principles, p.237-250, December 03-06, 1995, Copper Mountain, Colorado, United States
	43	Peter Loscocco , Stephen Smalley, Integrating Flexible Support for Security Policies into the Linux Operating System, Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference, p.29-42, June 25-30, 2001
	44	P. A. Loscocco, S. D. Smalley, P. A. Muckelbauer, R. C. Taylor, S. J. Turner, and J. F. Farrell. The inevitability of failure: The flawed assumption of security in modern computing environments. In Proc. Nat'l Info. Sys. Sec. Conf., pages 303--314, October 1998.
	45	M. Accetta et al. Mach: A new kernel foundation for UNIX development. In Proc. USENIX Summer Conf., 1986.
	46	R. Merkle. Protocols for public key cryptosystems. In IEEE Symp. Security and Privacy, Oakland, April 1980. IEEE, IEEE Computer Society Press.
	47	R. Meushaw and D. Simard. NetTop: Commercial technology in high assurance applications. http://www.vmware.com/pdf/TechTrendNotes.pdf, 2000.
	48	Paul England , Marcus Peinado, Authenticated Operation of Open Computing Devices, Proceedings of the 7th Australian Conference on Information Security and Privacy, p.346-361, July 03-05, 2002
	49	A. Perrig, S. Smith, D. Song, and J. Tygar. SAM: A flexible and secure auction architecture using trusted hardware. eJETA.org: The Electronic Journal for E-Commerce Tools and Applications, 1(1), January 2002.
	50	S. R. Ames, Jr. Security kernels: A solution or a problem? In Proc. IEEE Symp. Sec. and Privacy, April 1981.
	51	Marvin Schaefer , Barry Gold , Richard Linde , John Scheid, Program confinement in KVM/370, Proceedings of the 1977 annual conference, p.404-410, January 1977 [doi>10.1145/800179.1124633]
	52	Jonathan S. Shapiro , Jonathan M. Smith , David J. Farber, EROS: a fast capability system, Proceedings of the seventeenth ACM symposium on Operating systems principles, p.170-185, December 12-15, 1999, Charleston, South Carolina, United States
	53	Sean W. Smith, Outbound Authentication for Programmable Secure Coprocessors, Proceedings of the 7th European Symposium on Research in Computer Security, p.72-89, October 14-16, 2002
	54	S. W. Smith , D. Safford, Practical server privacy with secure coprocessors, IBM Systems Journal, v.40 n.3, p.683-695, March 2001
	55	Jeremy Sugerman , Ganesh Venkitachalam , Beng-Hong Lim, Virtualizing I/O Devices on VMware Workstation's Hosted Virtual Machine Monitor, Proceedings of the General Track: 2002 USENIX Annual Technical Conference, p.1-14, June 25-30, 2001
	56	Michael M. Swift , Brian N. Bershad , Henry M. Levy, Improving the reliability of commodity operating systems, Proceedings of the nineteenth ACM symposium on Operating systems principles, October 19-22, 2003, Bolton Landing, NY, USA
	57	P. S. Tasker. Trusted computer systems. In Proc. IEEE Symp. Sec. and Privacy, April 1981.
	58	Trusted Computing Platform Alliance. TCPA main specification v. 1.1b. http://www.trustedcomputing.org/.
	59	J. D. Tygar and B. Yee. Dyad: A system for using physically secure coprocessors. In IP Workshop Proc., 1994.
	60	Carl A. Waldspurger, Memory resource management in VMware ESX server, Proceedings of the 5th symposium on Operating systems design and implementation Due to copyright restrictions we are not able to make the PDFs for this conference available for downloading , December 09-11, 2002, Boston, Massachusetts [doi>10.1145/1060289.1060307]
	61	Andrew Whitaker , Marianne Shaw , Steven D. Gribble, Scale and performance in the Denali isolation kernel, Proceedings of the 5th symposium on Operating systems design and implementation Due to copyright restrictions we are not able to make the PDFs for this conference available for downloading , December 09-11, 2002, Boston, Massachusetts [doi>10.1145/1060289.1060308]
	62	Edward Wobber , Martín Abadi , Michael Burrows , Butler Lampson, Authentication in the Taos operating system, ACM Transactions on Computer Systems (TOCS), v.12 n.1, p.3-32, Feb. 1994 [doi>10.1145/174613.174614]
	63	B. Yee and D. Tygar. Secure coprocessors in electronic commerce applications. In Proc. 1st USENIX Workshop on Elec. Commerce, New York, New York, July 1995.

CITED BY 86

	Reiner Sailer , Trent Jaeger , Xiaolan Zhang , Leendert van Doorn, Attestation-based policy enforcement for remote access, Proceedings of the 11th ACM conference on Computer and communications security, October 25-29, 2004, Washington DC, USA
	Ravi Iyer, CQoS: a framework for enabling QoS in shared caches of CMP platforms, Proceedings of the 18th annual international conference on Supercomputing, June 26-July 01, 2004, Malo, France
	Rich Uhlig , Gil Neiger , Dion Rodgers , Amy L. Santoni , Fernando C. M. Martins , Andrew V. Anderson , Steven M. Bennett , Alain Kagi , Felix H. Leung , Larry Smith, Intel Virtualization Technology, Computer, v.38 n.5, p.48-56, May 2005
	Mendel Rosenblum , Tal Garfinkel, Virtual Machine Monitors: Current Technology and Future Trends, Computer, v.38 n.5, p.39-47, May 2005
	Peter A. Dinda, Addressing the trust asymmetry problem in grid computing with encrypted computation, Proceedings of the 7th workshop on Workshop on languages, compilers, and run-time support for scalable systems, p.1-7, October 22-23, 2004, Houston, Texas
	Ya-Yunn Su , Jason Flinn, Slingshot: deploying stateful services in wireless hotspots, Proceedings of the 3rd international conference on Mobile systems, applications, and services, June 06-08, 2005, Seattle, Washington
	Alan Shieh , Dan Williams , Emin Gün Sirer , Fred B. Schneider, Nexus: a new operating system for trustworthy computing, Proceedings of the twentieth ACM symposium on Operating systems principles, October 23-26, 2005, Brighton, United Kingdom
	David A. Holland , Ada T. Lim , Margo I. Seltzer, An architecture a day keeps the hacker away, ACM SIGARCH Computer Architecture News, v.33 n.1, March 2005
	Ahmad-Reza Sadeghi , Christian Stüble, Property-based attestation for computing platforms: caring about properties, not mechanisms, Proceedings of the 2004 workshop on New security paradigms, September 20-23, 2004, Nova Scotia, Canada
	Brad Calder , Andrew A. Chien , Ju Wang , Don Yang, The entropia virtual machine for desktop grids, Proceedings of the 1st ACM/USENIX international conference on Virtual execution environments, June 11-12, 2005, Chicago, IL, USA
	Vivek Haldar , Michael Franz, Symmetric behavior-based trust: a new paradigm for internet computing, Proceedings of the 2004 workshop on New security paradigms, September 20-23, 2004, Nova Scotia, Canada
	Margaret DeLap , Björn Knutsson , Honghui Lu , Oleg Sokolsky , Usa Sammapun , Insup Lee , Christos Tsarouchis, Is runtime verification applicable to cheat detection?, Proceedings of 3rd ACM SIGCOMM workshop on Network and system support for games, August 30-30, 2004, Portland, Oregon, USA
	Arvind Seshadri , Mark Luk , Elaine Shi , Adrian Perrig , Leendert van Doorn , Pradeep Khosla, Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems, ACM SIGOPS Operating Systems Review, v.39 n.5, December 2005
	Ashlesha Joshi , Samuel T. King , George W. Dunlap , Peter M. Chen, Detecting past and present intrusions through vulnerability-specific predicates, ACM SIGOPS Operating Systems Review, v.39 n.5, December 2005
	Derek Gordon Murray , Grzegorz Milos , Steven Hand, Improving Xen security through disaggregation, Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments, March 05-07, 2008, Seattle, WA, USA
	Stephen Chong , K. Vikram , Andrew C. Myers, SIF: enforcing confidentiality and integrity in web applications, Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, p.1-16, August 06-10, 2007, Boston, MA
	Thomas Moscibroda , Onur Mutlu, Memory performance attacks: denial of memory service in multi-core systems, Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, p.1-18, August 06-10, 2007, Boston, MA
	Liqun Chen , Rainer Landfermann , Hans Löhr , Markus Rohe , Ahmad-Reza Sadeghi , Christian Stüble, A protocol for property-based attestation, Proceedings of the first ACM workshop on Scalable trusted computing, November 03-03, 2006, Alexandria, Virginia, USA
	Jedidiah R. Crandall , Gary Wassermann , Daniela A. S. de Oliveira , Zhendong Su , S. Felix Wu , Frederic T. Chong, Temporal search: detecting hidden malware timebombs with virtual machines, ACM SIGPLAN Notices, v.41 n.11, November 2006
	Adam J. Lee , Parisa Tabriz , Nikita Borisov, A privacy-preserving interdomain audit framework, Proceedings of the 5th ACM workshop on Privacy in electronic society, October 30-30, 2006, Alexandria, Virginia, USA
	Stephen T. Jones , Andrea C. Arpaci-Dusseau , Remzi H. Arpaci-Dusseau, Geiger: monitoring the buffer cache in a virtual machine environment, ACM SIGOPS Operating Systems Review, v.40 n.5, December 2006
	Yasuharu Katsuno , Yuji Watanabe , Sachiko Yoshihama , Takuya Mishina , Michiharu Kudoh, Layering negotiations for flexible attestation, Proceedings of the first ACM workshop on Scalable trusted computing, November 03-03, 2006, Alexandria, Virginia, USA
	Andrew Cooper , Andrew Martin, Towards an open, trusted digital rights management platform, Proceedings of the ACM workshop on Digital rights management, October 30-30, 2006, Alexandria, Virginia, USA
	Kevin Borders , Xin Zhao , Atul Prakash, Securing sensitive content in a view-only file system, Proceedings of the ACM workshop on Digital rights management, October 30-30, 2006, Alexandria, Virginia, USA
	Daniel J. T. Chong , Robert H. Deng, Privacy-enhanced superdistribution of layered content with trusted access control, Proceedings of the ACM workshop on Digital rights management, October 30-30, 2006, Alexandria, Virginia, USA
	Trent Jaeger , Reiner Sailer , Umesh Shankar, PRIMA: policy-reduced integrity measurement architecture, Proceedings of the eleventh ACM symposium on Access control models and technologies, June 07-09, 2006, Lake Tahoe, California, USA
	Michael Hohmuth , Michael Peter , Hermann Härtig , Jonathan S. Shapiro, Reducing TCB size by using untrusted components: small kernels versus virtual-machine monitors, Proceedings of the 11th workshop on ACM SIGOPS European workshop: beyond the PC, September 19-22, 2004, Leuven, Belgium
	Song Fu , Cheng-Zhong Xu, Stochastic modeling and analysis of hybrid mobility in reconfigurable distributed virtual machines, Journal of Parallel and Distributed Computing, v.66 n.11, p.1442-1454, November 2006
	Lionel Litty , David Lie, Manitou: a layer-below approach to fighting malware, Proceedings of the 1st workshop on Architectural and system support for improving software dependability, p.6-11, October 21-21, 2006, San Jose, California
	Andrea Bottoni , Gianluca Dini, Improving authentication of remote card transactions with mobile personal trusted devices, Computer Communications, v.30 n.8, p.1697-1712, June, 2007
	Bogdan C. Popescu , Bruno Crispo , Andrew S. Tanenbaum , Arno Bakker, Design and implementation of a secure wide-area object middleware, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.51 n.10, p.2484-2513, July, 2007
	Najwa Aaraj , Anand Raghunathan , Srivaths Ravi , Niraj K. Jha, Energy and execution time analysis of a software-based trusted platform module, Proceedings of the conference on Design, automation and test in Europe, April 16-20, 2007, Nice, France
	Lenin Singaravelu , Calton Pu , Hermann Härtig , Christian Helmuth, Reducing TCB complexity for security-sensitive applications: three case studies, ACM SIGOPS Operating Systems Review, v.40 n.4, October 2006
	Galen C. Hunt , James R. Larus , David Tarditi , Ted Wobber, Broad new OS research: challenges and opportunities, Proceedings of the 10th conference on Hot Topics in Operating Systems, p.15-15, June 12-15, 2005, Santa Fe, NM
	Tal Garfinkel , Mendel Rosenblum, When virtual is harder than real: security challenges in virtual machine based computing environments, Proceedings of the 10th conference on Hot Topics in Operating Systems, p.20-20, June 12-15, 2005, Santa Fe, NM
	George Candea , Shinichi Kawamoto , Yuichi Fujiki , Greg Friedman , Armando Fox, Microreboot — A technique for cheap recovery, Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation, p.3-3, December 06-08, 2004, San Francisco, CA
	Ramesh Chandra , Nickolai Zeldovich , Constantine Sapuntzakis , Monica S. Lam, The collective: a cache-based system management architecture, Proceedings of the 2nd conference on Symposium on Networked Systems Design & Implementation, p.259-272, May 02-04, 2005
	Reiner Sailer , Xiaolan Zhang , Trent Jaeger , Leendert van Doorn, Design and implementation of a TCG-based integrity measurement architecture, Proceedings of the 13th conference on USENIX Security Symposium, p.16-16, August 09-13, 2004, San Diego, CA
	Xinwen Zhang , Michael J. Covington , Songqing Chen , Ravi Sandhu, SecureBus: towards application-transparent trusted computing with mandatory access control, Proceedings of the 2nd ACM symposium on Information, computer and communications security, March 20-22, 2007, Singapore
	Vivek Haldar , Deepak Chandra , Michael Franz, Semantic remote attestation: a virtual machine directed approach to trusted computing, Proceedings of the 3rd conference on Virtual Machine Research And Technology Symposium, p.3-3, May 06-07, 2004, San Jose, California
	Ananth I. Sundararaj , Peter A. Dinda, Towards virtual networks for virtual machine grid computing, Proceedings of the 3rd conference on Virtual Machine Research And Technology Symposium, p.14-14, May 06-07, 2004, San Jose, California
	Xiaoxin Chen , Tal Garfinkel , E. Christopher Lewis , Pratap Subrahmanyam , Carl A. Waldspurger , Dan Boneh , Jeffrey Dwoskin , Dan R.K. Ports, Overshadow: a virtualization-based approach to retrofitting protection in commodity operating systems, ACM SIGARCH Computer Architecture News, v.36 n.1, March 2008
	Jake Wires , Michael J. Feeley, Secure file system versioning at the block level, ACM SIGOPS Operating Systems Review, v.41 n.3, June 2007
	Sujata Garera , Aviel D. Rubin, An independent audit framework for software dependent voting systems, Proceedings of the 14th ACM conference on Computer and communications security, October 28-31, 2007, Alexandria, Virginia, USA
	Arvind Seshadri , Mark Luk , Ning Qu , Adrian Perrig, SecVisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity OSes, ACM SIGOPS Operating Systems Review, v.41 n.6, December 2007
	Nick L. Petroni, Jr. , Michael Hicks, Automated detection of persistent kernel control-flow attacks, Proceedings of the 14th ACM conference on Computer and communications security, October 28-31, 2007, Alexandria, Virginia, USA
	Yasuharu Katsuno , Yuji Watanabe , Sanehiro Furuichi , Michiharu Kudo, Chinese-wall process confinement for practical distributed coalitions, Proceedings of the 12th ACM symposium on Access control models and technologies, June 20-22, 2007, Sophia Antipolis, France
	Galen Hunt , Mark Aiken , Manuel Fähndrich , Chris Hawblitzel , Orion Hodson , James Larus , Steven Levi , Bjarne Steensgaard , David Tarditi , Ted Wobber, Sealing OS processes to improve dependability and safety, ACM SIGOPS Operating Systems Review, v.41 n.3, June 2007
	John R. Lange , Peter A. Dinda, Transparent network services via a virtual traffic layer for virtual machines, Proceedings of the 16th international symposium on High performance distributed computing, June 25-29, 2007, Monterey, California, USA
	Richard Ta-Min , Lionel Litty , David Lie, Splitting interfaces: making trust between applications and operating systems configurable, Proceedings of the 7th symposium on Operating systems design and implementation, November 06-08, 2006, Seattle, Washington
	Douglas Thain, Identity Boxing: A New Technique for Consistent Global Identity, Proceedings of the 2005 ACM/IEEE conference on Supercomputing, p.51, November 12-18, 2005
	Ryan Gardner , Sujata Garera , Aviel D. Rubin, On the difficulty of validating voting machine software with software, Proceedings of the USENIX/Accurate Electronic Voting Technology on USENIX/Accurate Electronic Voting Technology Workshop, p.11-11, August 06, 2007, Boston, MA
	Matthias Jacob , Mariusz H. Jakubowski , Ramarathnam Venkatesan, Towards integral binary execution: implementing oblivious hashing using overlapped instruction encodings, Proceedings of the 9th workshop on Multimedia & security, September 20-21, 2007, Dallas, Texas, USA
	Andrea Bottoni , Gianluca Dini , Evangelos Kranakis, Credentials and Beliefs in Remote Trusted Platforms Attestation, Proceedings of the 2006 International Symposium on on World of Wireless, Mobile and Multimedia Networks, p.662-667, June 26-29, 2006
	Bernhard Jansen , Hari-Govind V. Ramasamy , Matthias Schunter, Policy enforcement and compliance proofs for Xen virtual machines, Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments, March 05-07, 2008, Seattle, WA, USA
	Kuniyasu Suzaki , Toshiki Yagi , Kengo Iijima , Nguyen Anh Quynh, OS circular: internet client for reference, Proceedings of the 21st conference on 21st Large Installation System Administration Conference, p.1-12, November 11-16, 2007, Dallas
	Emanuele Cesena , Gianluca Ramunno , Davide Vernizzi, Secure storage using a sealing proxy, Proceedings of the 1st European workshop on system security, March 31-31, 2008, Glasgow, Scotland
	Lionel Litty , H. Andrés Lagar-Cavilla , David Lie, Hypervisor support for identifying covertly executing binaries, Proceedings of the 17th conference on Security symposium, p.243-258, July 28-August 01, 2008, San Jose, CA
	Jonathan M. McCune , Bryan J. Parno , Adrian Perrig , Michael K. Reiter , Hiroshi Isozaki, Flicker: an execution infrastructure for tcb minimization, ACM SIGOPS Operating Systems Review, v.42 n.4, May 2008
	Xinwen Zhang , Onur Acıiçmez , Jean-Pierre Seifert, A trusted mobile phone reference architecturevia secure kernel, Proceedings of the 2007 ACM workshop on Scalable trusted computing, November 02-02, 2007, Alexandria, Virginia, USA
	Haibo Chen , Jieyun Chen , Wenbo Mao , Fei Yan, Daonity - Grid security from two levels of virtualization, Information Security Tech. Report, v.12 n.3, p.123-138, January, 2007
	Bryan D. Payne , Reiner Sailer , Ramón Cáceres , Ron Perez , Wenke Lee, A layered approach to simplified access control in virtualized systems, ACM SIGOPS Operating Systems Review, v.41 n.4, July 2007
	Jisoo Yang , Kang G. Shin, Using hypervisor to provide data secrecy for user applications on a per-page basis, Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments, March 05-07, 2008, Seattle, WA, USA
	Sid Stamm , Nicholas Paul Sheppard , Reihaneh Safavi-Naini, Implementing Trusted Terminals with a and SITDRM, Electronic Notes in Theoretical Computer Science (ENTCS), v.197 n.1, p.73-85, February, 2008
	Xuxian Jiang , Xinyuan Wang , Dongyan Xu, Stealthy malware detection through vmm-based "out-of-the-box" semantic view reconstruction, Proceedings of the 14th ACM conference on Computer and communications security, October 28-31, 2007, Alexandria, Virginia, USA
	Patrick Traynor , Michael Chien , Scott Weaver , Boniface Hicks , Patrick McDaniel, Noninvasive Methods for Host Certification, ACM Transactions on Information and System Security (TISSEC), v.11 n.3, p.1-23, March 2008
	Prashant Dewan , David Durham , Hormuzd Khosravi , Men Long , Gayathri Nagabhushan, A hypervisor-based system for protecting software runtime memory and persistent storage, Proceedings of the 2008 Spring simulation multiconference, April 14-17, 2008, Ottawa, Canada
	Lifu Wang , Partha Dasgupta, Coprocessor-based hierarchical trust management for software integrity and digital identity protection, Journal of Computer Security, v.16 n.3, p.311-339, August 2008
	Yih Huang , Angelos Stavrou , Anup K. Ghosh , Sushil Jajodia, Efficiently tracking application interactions using lightweight virtualization, Proceedings of the 1st ACM workshop on Virtual machine security, October 27-27, 2008, Alexandria, Virginia, USA
	Rachel Greenstadt , Jacob Beal, Cognitive security for personal devices, Proceedings of the 1st ACM workshop on Workshop on AISec, October 27-27, 2008, Alexandria, Virginia, USA
	Janne Lindqvist , Juha-Matti Tapio, Protecting privacy with protocol stack virtualization, Proceedings of the 7th ACM workshop on Privacy in the electronic society, October 27-27, 2008, Alexandria, Virginia, USA
	Yuanyuan Zeng , Xin Hu , Haixiong Wang , Kang G. Shin , Abhijit Bose, Containment of network worms via per-process rate-limiting, Proceedings of the 4th international conference on Security and privacy in communication netowrks, September 22-25, 2008, Istanbul, Turkey
	Jörg Brakensiek , Axel Dröge , Martin Botteck , Hermann Härtig , Adam Lackorzynski, Virtualization as an enabler for security in mobile devices, Proceedings of the 1st workshop on Isolation and integration in embedded systems, p.17-22, April 01-01, 2008, Glasgow, Scotland
	Ionut Constandache , Aydan Yumerefendi , Jeff Chase, Secure control of portable images in a virtual computing utility, Proceedings of the 1st ACM workshop on Virtual machine security, October 27-27, 2008, Alexandria, Virginia, USA
	Liang Gu , Xuhua Ding , Robert Huijie Deng , Bing Xie , Hong Mei, Remote attestation on program execution, Proceedings of the 3rd ACM workshop on Scalable trusted computing, October 31-31, 2008, Alexandria, Virginia, USA
	Frederic Stumpf , Andreas Fuchs , Stefan Katzenbeisser , Claudia Eckert, Improving the scalability of platform attestation, Proceedings of the 3rd ACM workshop on Scalable trusted computing, October 31-31, 2008, Alexandria, Virginia, USA
	Sean M. Price, Host-Based Security Challenges and Controls: A Survey of Contemporary Research, Information Security Journal: A Global Perspective, v.17 n.4, p.170-178, July 2008
	Dries Schellekens , Brecht Wyseur , Bart Preneel, Remote attestation on legacy operating systems with trusted platform modules, Science of Computer Programming, v.74 n.1-2, p.13-22, December, 2008
	Najwa Aaraj , Anand Raghunathan , Niraj K. Jha, Analysis and design of a hardware/software trusted platform module for embedded systems, ACM Transactions on Embedded Computing Systems (TECS), v.8 n.1, p.1-31, December 2008
	Adrian Baldwin , Chris Dalton , Simon Shiu , Krzysztof Kostienko , Qasim Rajpoot, Providing secure services for a virtual infrastructure, ACM SIGOPS Operating Systems Review, v.43 n.1, January 2009
	Seiji Munetoh , Megumi Nakamura , Sachiko Yoshihama , Michiharu Kudo, Integrity Management Infrastructure for Trusted Computing, IEICE - Transactions on Information and Systems, v.E91-D n.5, p.1242-1251, May 2008
	Vikas R. Vasisht , Hsien-Hsin S. Lee, SHARK: Architectural support for autonomic protection against stealth by rootkit exploits, Proceedings of the 2008 41st IEEE/ACM International Symposium on Microarchitecture, p.106-116, November 08-12, 2008
	Vikas R. Vasisht , Hsien-Hsin S. Lee, SHARK: Architectural support for autonomic protection against stealth by rootkit exploits, Proceedings of the 2008 41st IEEE/ACM International Symposium on Microarchitecture, p.106-116, November 08-12, 2008
	Takahiro Shinagawa , Hideki Eiraku , Kouichi Tanimoto , Kazumasa Omote , Shoichi Hasegawa , Takashi Horie , Manabu Hirano , Kenichi Kourai , Yoshihiro Oyama , Eiji Kawai , Kenji Kono , Shigeru Chiba , Yasushi Shinjo , Kazuhiko Kato, BitVisor: a thin hypervisor for enforcing i/o device security, Proceedings of the 2009 ACM SIGPLAN/SIGOPS international conference on Virtual execution environments, March 11-13, 2009, Washington, DC, USA
	Tomohiro Katori , Lei Sun , Dennis K. Nilsson , Tatsuo Nakajima, Building a self-healing embedded system in a multi-OS environment, Proceedings of the 2009 ACM symposium on Applied Computing, March 08-12, 2009, Honolulu, Hawaii
	Andrew G. Miklas , Stefan Saroiu , Alec Wolman , Angela Demke Brown, Bunker: a privacy-oriented platform for network tracing, Proceedings of the 6th USENIX symposium on Networked systems design and implementation, p.29-42, April 22-24, 2009, Boston, Massachusetts