Home Projects Scholarships Curriculum SFS People



WWW
ISIS






Featured Project:

Steganography

Courses
ISISWiki
Research Opportunities
Contact Us
Projects

havenHigh Assurance Virtualization ENgine

Virtualization technology has been around since the late 1960's. Initially, it was conceived to maximize utilization of expensive hardware by running multiple instances of an operating system using virtual machines (VM). In the last decade, virtualization has become popular due to its cost and space saving advantages. From a security perspective, virtualization enables implementation of a key security design principle, namely compartmentalization. Several performance and security issues have been identified in current virtualization architectures for x86 machines. These issues arise from the fact that the current virtualization architecture depends on a central VM0 to provide critical I/O services. In this project we propose to prototype a High Assurance Virtualization ENgine (HAVEN) using Field Programmable Gate Array (FPGA) based secure co-processing to address the aforementioned limitations of current virtualization technology. HAVEN will:

  • Increase reliability via a hardware-assisted virtual I/O subsystem for each VM
  • Improve performance by minimizing and possibly eliminating the switching back to the controller VM0 and by using a hardwar virtual I/O manager
  • Improve security by protecting storage and communication channels using FPGA-assisted encryption and authentication

Project Details
Project Management(Authorization Required)

Participants:

Vikram Padman
Dinesh Chandrasekaran
Ramesh Karri
Nasir Memon

Resources:

Back to Projects