Home > Information Technology, Innovation, Privacy, Security, Software, Technology > Researchers Create SICE – a Secure, Stealth VM on Virtual Servers

Researchers Create SICE – a Secure, Stealth VM on Virtual Servers

“A team of researchers have devised a way to create an isolated and trusted environment on virtualized servers. Called the “Strongly Isolated Computing Environment” (SICE), the approach makes it possible to run sensitive computing processes alongside less secure workloads on the same physical hardware.

SICE, developed by Ahmed M. Azab and Peng Ning of North Carolina State University and Xiaolan Zhang of IBM’s T. J. Watson Research Center, is currently a research prototype.

Peng and his fellow researchers will present a paper on SICE at the ACM Conference on Computer and Communications Security in Chicago on October 19. But if further developed, it potentially addresses one of the major security concerns with using virtualized environments: that attackers could take advantage of exploits in a hypervisor environment to access the memory and storage of the virtual machines running within it.

While it uses a hypervisor to communicate with the network and other workloads, SICE uses low-level functionality in x86 processors to carve off processing power and memory from the host computer, creating an environment partitioned off from less secure processes.

SICE uses x86 processors’ Systems Management Mode (SMM) to lock down regions of the computer’s memory, “so even the hypervisor can’t look inside,” Dr. Peng said in an interview with Ars Technica. “Even though it’s only one computer, it can be separated into two or more isolated environments,” he said.

SICE uses an extremely small amount of code to create the system isolation—approximately 300 lines—which makes the system much easier to secure, and “only these 300 lines of code need to be trusted to ensure the isolation,” according to Peng.”

Advertisements
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: