Architectural support of multiple hypervisors over single platform for enhancing cloud computing security

Weidong Shi, Jong Hyuk Lee, Taeweon Suh, Dong Hyuk Woo, Xinwen Zhang

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Citations (Scopus)

Abstract

This paper presents MultiHype, a novel architecture that supports multiple hypervisors (or virtual machine monitors) on a single physical platform by leveraging many-core based cloud-on-chip architecture. A MultiHype platform consists of a control plane and multiple hypervisors created on-demand, each can further create multiple guest virtual machines. Supported at architectural level, a single platform using MultiHype can behave as a distributed system with each hypervisor and its virtual machines running independently and concurrently. As a direct consequence, vulnerabilities of one hypervisor or its guest virtual machine can be confined within its own domain, which makes the platform more resilient to malicious attacks and failures in a cloud environment. Towards defending against resource exhaustion attacks, MultiHype further implements a new cache eviction policy and memory management scheme for preventing resource monopolization on shared cache, and defending against denial of resource exploits on physical memory resource launched from malicious virtual machines on shared platform. We use Bochs emulator and cycle based x86 simulation to evaluate the effectiveness and performance of MultiHype.

Original languageEnglish
Title of host publicationCF '12 - Proceedings of the ACM Computing Frontiers Conference
Pages75-84
Number of pages10
DOIs
Publication statusPublished - 2012
EventACM Computing Frontiers Conference, CF '12 - Cagliari, Italy
Duration: 2012 May 152012 May 17

Publication series

NameCF '12 - Proceedings of the ACM Computing Frontiers Conference

Other

OtherACM Computing Frontiers Conference, CF '12
CountryItaly
CityCagliari
Period12/5/1512/5/17

Keywords

  • architecture
  • scalability
  • security
  • virtualization

ASJC Scopus subject areas

  • Software

Fingerprint Dive into the research topics of 'Architectural support of multiple hypervisors over single platform for enhancing cloud computing security'. Together they form a unique fingerprint.

  • Cite this

    Shi, W., Lee, J. H., Suh, T., Woo, D. H., & Zhang, X. (2012). Architectural support of multiple hypervisors over single platform for enhancing cloud computing security. In CF '12 - Proceedings of the ACM Computing Frontiers Conference (pp. 75-84). (CF '12 - Proceedings of the ACM Computing Frontiers Conference). https://doi.org/10.1145/2212908.2212920