Authors
Hirano Manabu Shinagawa Takahiro Eiraku Hideki Hasegawa Shoichi Omote Kazumasa Tanimoto Kouichi Horie Takashi Mune Seiji Kato Kazuhiko Okuda Takeshi Kawai Eiji Yamaguchi Suguru
Publisher
Institute of Electrical and Electronics Engineers (IEEE)
Journal
2009 Third International Conference on Emerging Security Information, Systems and Technologies
Volume, issue, pages and publication date
pp.129-135, 2009-06
Number of citations
1

Virtual Machine Monitors (VMMs), also called hypervisors, can be used to construct a trusted computing base (TCB) enhancing the security of existing operating systems. The complexity of a VMM-based TCB causes the high risk of security vulnerabilities. Therefore, this paper proposes a two-step execution mechanism to reduce the complexity of a VMM-based TCB. We propose a method to separate a conventional VMM-based TCB into the following two parts: (1) A thin hypervisor with security services and (2) A special guest OS for security preprocessing. A special guest OS performing security tasks can be executed in advance. After shutting down the special guest OS, a hypervisor obtains preprocessing security data and next boots a target guest OS to be protected. Thus, the proposed two-step execution mechanism can reduce run-time codes of a hypervisor. This paper shows a design, a prototype implementation and measurement results of lines of code using BitVisor, a VMM-based TCB we have developed.
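Authors
OMOTE Kazumasa KATO Kazuhiko
Publisher
Institute of Electronics, Information and Communication Engineers (IEICE)
Journal
IEICE Transactions on Information and Systems (ISSN:09168532)
Volume, issue, pages and publication date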
vol.E93.D, no.5, pp.1080-1086, 2010-05

In key-recovery methods using smart cards, a user can recover the disk encryption key in cooperation with the system administrator, even if the user has lost the smart card including the disk encryption key. However, the disk encryption key is known to the system administrator in advance in most key-recovery methods. Hence user's disk data may be read by the system administrator. Furthermore, if the disk encryption key is not known to the system administrator in advance, it is difficult to achieve a key authentication. In this paper, we propose a scheme which enables to recover the disk encryption key when the user's smart card is lost. In our scheme, the disk encryption key is not preserved anywhere and then the system administrator cannot know the key before key-recovery phase. Only someone who has a user's smart card and knows the user's password can decrypt that user's disk data. Furthermore, we measured the processing time required for user authentication in an experimental environment using a virtual machine monitor. As a result, we found that this processing time is short enough to be practical.
Authors
Suzuki Shinichi Shinjo Yasushi Hirotsu Toshio Itano Kozo Kato Kazuhiko
Publisher
Elsevier Ltd.
Journal
Journal of Network and Computer Applications (ISSN:10848045)
Volume, issue, pages and publication date
vol.30, no.4, pp.1275-1282, 2007-11
Number of citations
5 2

In conventional egress network access control (NAC) based on access control lists (ACLs), modifying the ACLs is a heavy task for administrators. To enable configuration without a large amount of administrators’ effort, we introduce capabilities to egress NAC. In our method, a user can transfer his/her access rights (capabilities) to other persons without asking administrators. To realize our method, we use a DNS cache server and a router. A resolver of the client sends the user name, domain name, and service name to the DNS cache server. The DNS server issues capabilities according to a policy and sends them to the client. The client puts these capabilities into the IP options of packets and sends them to the router. The router verifies the capabilities, and determines whether to pass or block the packets. In this paper, we describe the design and implementation of our method in detail. Experimental results show that our method does not reduce the router’s performance.