Journal of Frontiers of Computer Science and Technology ›› 2020, Vol. 14 ›› Issue (2): 200-214.DOI: 10.3778/j.issn.1673-9418.1909071

Previous Articles     Next Articles

Survey on Protection Mechanisms for Untrusted Hypervisor in Cloud

GU Jianan, ZHENG Beilei, WENG Chuliang   

  1. School of Data Science and Engineering, East China Normal University, Shanghai 200062, China
  • Online:2020-02-01 Published:2020-02-16



  1. 华东师范大学 数据科学与工程学院,上海 200062


In this big data era, the multi-tenant cloud platform plays an important role. However, as one of the major technologies adopted in the cloud platforms, the virtualization technology is not secure enough. The Hypervisor is a key layer in the virtualization software stack that manages vital tasks between guest virtual machines and the bare metal, such as resource allocation, sharing and isolation. Meanwhile, the Hypervisor suffers from vulnerabilities along with its large attack surface, which makes attacks on the Hypervisor threaten the cloud and applications above. Therefore, constructing protection mechanisms for the untrusted Hypervisor in the cloud is necessary. Survey from the perspective of the protection mechanism's construction: analyze the feasibility and challenges, and do cla-ssifications; present the related work in this field in terms of integrity detection mechanisms, defense mechanisms, and isolation mechanisms; give research trends and provide a valuable reference for future researches on the vir-tualization security and on building a reliable multi-tenant cloud platform.

Key words: cloud platform, virtualization security, untrusted Hypervisor, construction of protection mechanism



关键词: 云平台, 虚拟化安全, 非可信Hypervisor, 保护机制构建