Dissertation > Excellent graduate degree dissertation topics show

File Protection System Research Based on Hardware Assisted Virtualization

Author: WangJunQing
Tutor: QiZhengWei
School: Shanghai Jiaotong University
Course: Software Engineering
Keywords: File Protection Virtual Machine Monitor Hardware virtualization Trusted Computing Base
CLC: TP309
Type: Master's thesis
Year: 2012
Downloads: 42
Quote: 0
Read: Download Dissertation

Abstract


To prevent sensitive documents from unauthorized access is a problem in the field of computer security. The traditional file protection mechanism running inside the operating system, once the operating system is compromised, file protection feature is likely to be banned or bypass. To solve this problem, recent studies have proposed the file system into a dedicated virtual machine, or accessed via the network file system, in order to achieve the file access control does not depend on the operating system. Although these methods improve the barrier properties of the protection system to the operating system, but a substantial increase in the size of the system's trusted computing base, thereby affecting the reliability and security of the entire system. In this paper, the hardware-based virtualization technology to achieve lightweight virtual machine monitor specific file protection for the deficiencies of the existing solutions. Of this study can be summarized as the following two points: First, based Bitvisor virtual machine monitor frame and hardware virtualization technology to achieve a lightweight virtual machine monitor. The virtual machine monitor system protection, the prevalence of a problem, that is, the virtual machine monitor security issues. Bitvisor is used to protect the system security lightweight virtual machine monitor framework, this paper take advantage of the latest hardware virtualization technology improved it. Further reduce the amount of code and improve its performance, modify the virtual machine monitor trusted computing base code than the trusted computing base general purpose virtual machine monitor small amount of code at least an order of magnitude. Trusted computing base code to reduce the amount to a substantial increase in the safety and reliability of the system itself. Secondly, the use of the virtual machine monitor to successfully achieve the protection of sensitive files. Virtual machine, the virtual machine's file protection there is a semantic gap problem, the virtual machine monitor can only monitor the operation of the client operating system disk blocks, and the protection is to file granularity, both The contradiction between. This article according to the format specification of the file system and the file system of the original data reconstruction to get the file to disk block mapping, to solve the above problems. Even if the intruder permission to have the operating system kernel, the virtual machine monitor to prevent sensitive documents from unauthorized access. We have achieved the FAT32 file system and the Windows XP operating system on a prototype to test its function, and to demonstrate that our design is feasible. Finally, the performance tests to prove it in the real world scene, the impact on the performance of the operating system may be acceptable.

Related Dissertations

  1. Protection of Archival History, Status Quo and Development Trend,G273.3
  2. The Research of Anti-Trojan Technology Based JAVA Bytecode,TP393.08
  3. Constructing Electronic Archives Security System,G276
  4. SMART-VMM: The Design and Implementation of Virtual Machine Monitor Based on VT-x,TP302
  5. Research and Application of Video and Multimedia Content Management System,TP311.52
  6. The Design and Implementation of a Hypervisor Based on VT/SVM and Trusted Computing Technology,TP277
  7. Research on Technology of CPU Virtualization Based on VT-x,TP332
  8. Research on Rootkit Detection Technology Based on Hardware Virtualization Technology,TP393.08
  9. Research on Architecture of Virtual Machine Monitor,TP277
  10. Virtual Machine Condition Monitoring and Service Deployment of Key Technologies in Cloud Environment,TP302
  11. Hardware Virtualization Assisted Security Monitor for Cross-Platform Protection,TP309
  12. Research and Implement on Mechanism of Memory Management in Virtual Machine Monitor,TP391.9
  13. Platform for ATM host intrusion defense systems design and implementation,TP393.08
  14. File-based parsing file infection method,TP391.1
  15. Certifying Compilation in an Infrastructure for Developing Trustable Software,TP311.52
  16. Certifying the Safety of Assembly Pointer Programs,TP313
  17. The Research on Virtual Machine Based-on Xen,TP302
  18. Design and Implemetation of Host-Based Malcode Detection System,TP393.08
  19. The Analysis and Research on Para-Virtualization,TP391.9
  20. Research of the Security Module in Virtualization Technology,TP393.08

CLC: > Industrial Technology > Automation technology,computer technology > Computing technology,computer technology > General issues > Security and confidentiality
© 2012 www.DissertationTopic.Net  Mobile