2010 IEEE Second International Conference on Cloud Computing Technology and Science (2010)
Indianapolis, Indiana USA
Nov. 30, 2010 to Dec. 3, 2010
One of the underpinnings of Cloud Computing security is the runtime integrity of individual Cloud servers. Due to the on-going discovery of runtime software vulnerabilities like buffer overflows, it is critical to be able to gauge the integrity of a Cloud server as it operates. In this paper, we propose scoped invariants as a primitive for analyzing the software system for its integrity properties. We report our experience with the modeling and detection of scoped invariants. The Xen Virtual Machine Manager is used for a case study. Our research detects a set of essential scoped invariants that are critical to the runtime integrity of Xen. One such property, that the addressable memory limit of a guest OS must not include Xen’s code and data, is indispensable for Xen’s guest isolation mechanism. The violation of this property demonstrates that the attacker only needs to modify a single byte in the Global Descriptor Table to achieve his goal.
integrity modeling, invariants detection, tools, Xen
C. V. Rozas, C. Pu, J. Wei, F. Zhu and A. Rajan, "Modeling the Runtime Integrity of Cloud Servers: A Scoped Invariant Perspective," 2010 IEEE Second International Conference on Cloud Computing Technology and Science(CLOUDCOM), Indianapolis, Indiana USA, 2010, pp. 651-658.