Virtual Machine Monitors (VMMs), also called hypervisors,can be used to construct a trusted computing base (TCB) enhancing the security of existing operating systems. The complexity of a VMM-based TCB causes the high risk of security vulnerabilities. Therefore, this paper proposesa two-step execution mechanism to reduce the complexityof a VMM-based TCB. We propose a method to separate aconventional VMM-based TCB into the following two parts:(1) A thin hypervisor with security services and (2) A special guest OS for security preprocessing. A special guestOS performing security tasks can be executed in advance.After shutting down the special guest OS, a hypervisor obtains preprocessing security data and next boots a targetguest OS to be protected. Thus, the proposed two-step execution mechanism can reduce run-time codes of a hypervisor. This paper shows a design, a prototype implementation and measurement results of lines of code using BitVisor, a VMM-based TCB we have developed.
@lorenc_dan @mjmalone @apenwarr @ErrataRob I think that's one way to describe it. I think it's also that for a personal device, physical separation of the owner's security token from the device should render the device unusable. There were some similar ideas in BitVisor:
https://t.co/FRQHaBKrQW