TY - GEN
T1 - Implementation of multi-domain isolation architecture and communication mechanism in Linux
AU - Lan, Yuqing
AU - Zou, Jianlun
N1 - Publisher Copyright:
© 2022 SPIE.
PY - 2022
Y1 - 2022
N2 - Multiple Independent Levels of Security (MILS) is widely used in the design of high-assurance operating systems. By separating the system into components and running those components in different domains, the kernel can control and monitor the information flow between components, enhancing the security and availability of the system. However, due to the complexity and certification cost associated with a large monolithic kernel, the MILS architecture is mainly used in microkernel systems. We still want to apply the idea of MILS to a monolithic kernel system to improve its security. In Linux, although there are access control models based on the concept of a domain (such as SELinux), the shared kernel means that the security of the whole system is affected by vulnerabilities in the kernel itself. Therefore, this paper proposes a scheme for constructing multiple independent isolated domains in Linux based on virtualization technology. We built on the Linux kernel and the QEMU/KVM hypervisor, exploiting the isolation provided by virtualization to achieve data isolation. Each domain is built from a virtual machine, so that the original system can be separated into components that run in domains. In the host, we take control of all domains and implement a secure communication mechanism between them. Using this secure channel, we can monitor data transmission between domains and control the information flow according to the security level of each domain. Finally, we evaluated the effectiveness and efficiency of our communication mechanism.
AB - Multiple Independent Levels of Security (MILS) is widely used in the design of high-assurance operating systems. By separating the system into components and running those components in different domains, the kernel can control and monitor the information flow between components, enhancing the security and availability of the system. However, due to the complexity and certification cost associated with a large monolithic kernel, the MILS architecture is mainly used in microkernel systems. We still want to apply the idea of MILS to a monolithic kernel system to improve its security. In Linux, although there are access control models based on the concept of a domain (such as SELinux), the shared kernel means that the security of the whole system is affected by vulnerabilities in the kernel itself. Therefore, this paper proposes a scheme for constructing multiple independent isolated domains in Linux based on virtualization technology. We built on the Linux kernel and the QEMU/KVM hypervisor, exploiting the isolation provided by virtualization to achieve data isolation. Each domain is built from a virtual machine, so that the original system can be separated into components that run in domains. In the host, we take control of all domains and implement a secure communication mechanism between them. Using this secure channel, we can monitor data transmission between domains and control the information flow according to the security level of each domain. Finally, we evaluated the effectiveness and efficiency of our communication mechanism.
KW - Multi-domain isolation
KW - communication mechanism
KW - virtualization
UR - https://www.scopus.com/pages/publications/85146674628
U2 - 10.1117/12.2661795
DO - 10.1117/12.2661795
M3 - Conference contribution
AN - SCOPUS:85146674628
T3 - Proceedings of SPIE - The International Society for Optical Engineering
BT - Third International Conference on Computer Science and Communication Technology, ICCSCT 2022
A2 - Lu, Yingfa
A2 - Cheng, Changbo
PB - SPIE
T2 - 3rd International Conference on Computer Science and Communication Technology, ICCSCT 2022
Y2 - 30 July 2022 through 31 July 2022
ER -