Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 1 of 1
Full-Text Articles in Systems Architecture
Fimce: A Fully Isolated Micro-Computing Environment For Multicore Systems, Siqi Zhao, Xuhua Ding
Fimce: A Fully Isolated Micro-Computing Environment For Multicore Systems, Siqi Zhao, Xuhua Ding
Research Collection School Of Computing and Information Systems
Virtualization-based memory isolation has been widely used as a security primitive in various security systems to counter kernel-level attacks. In this article, our in-depth analysis on this primitive shows that its security is significantly undermined in the multicore setting when other hardware resources for computing are not enclosed within the isolation boundary. We thus propose to construct a fully isolated micro-computing environment (FIMCE) as a new primitive. By virtue of its architectural niche, FIMCE not only offers stronger security assurance than its predecessor, but also features a flexible and composable environment with support for peripheral device isolation, thus greatly expanding …