University of Limerick Institutional Repository

Investigation and development of a hypervisor-based security architecture utilising a state-of-the-art hardware trust anchor

DSpace Repository

Show simple item record

dc.contributor.advisor Heffernan, Donal
dc.contributor.author Schramm, Martin
dc.date.accessioned 2011-12-09T13:17:00Z
dc.date.available 2011-12-09T13:17:00Z
dc.date.issued 2011
dc.identifier.uri http://hdl.handle.net/10344/1688
dc.description peer-reviewed en_US
dc.description.abstract Trusted Computing is a relatively new approach to computer security in which a system should be permanently maintained in a well-defined state - and therefore it will reside in a trustworthy state. The word "trustworthy" in this context means that the system always behaves in a specific way as defined by the platform manufacturer and/or the administrator/owner. A key element of this approach is to employ a security module, which is implemented in hardware, and which is tied to the platform so as to serve as a trust anchor. Based on that ’root of trust’ and other features, an effective security architecture is proposed in this research. Virtualization techniques, which were formerly developed for server consolidation, cost reduction, and conservation of energy are now gaining more and more interest in the field of trusted computing. Virtualization can greatly enhance the security of a system by isolating applications, or even whole operating systems, by splitting the computer system into smaller parts, whose integrity can be more easily assured. This project is concerned with the development of a system that will effectively combine the isolation features of the virtualization schemes with a state-of-the-art hardware security module. This system will provide reliable protection against sophisticated software-based attacks and will withstand elementary hardware-based attacks. The building block approach of this proposed security architecture makes sure that many different application fields can archive a high level of security by combining the appropriate components. The research examines some emerging approaches to computer security and proposes a novel security architecture based on a hardware trust anchor. An experimental system is developed to provide a ’proof-of-concept’ model for evaluation. The target application area for the architecture is the embedded computing space, in particular x86 based architectures. The selection of hardware elements and the choice of hypervisor are discussed and justified. The assumptions on the features of the architecture are evaluated and validated in the context of potential security improvements. Future research in this niche area is proposed. en_US
dc.language.iso eng en_US
dc.publisher University of Limerick en_US
dc.subject computer security en_US
dc.subject virtualization en_US
dc.title Investigation and development of a hypervisor-based security architecture utilising a state-of-the-art hardware trust anchor en_US
dc.type Master thesis (Research) en_US
dc.type.supercollection all_ul_research en_US
dc.type.supercollection ul_published_reviewed en_US
dc.type.supercollection ul_theses_dissertations en_US
dc.type.restriction none en


Files in this item

This item appears in the following Collection(s)

Show simple item record

Search ULIR


Browse

My Account

Statistics