Change search
ReferencesLink to record
Permanent link

Direct link
Securing DMA through Virtualization
RISE, Swedish ICT, SICS. SEC.
RISE, Swedish ICT, SICS. SEC.
Number of Authors: 2
2012 (English)In: IEEE Conference on Complexity in Engineering, IEEE , 2012, 20Conference paper (Refereed)
Abstract [en]

We present a solution for preventing guests in a virtualized system from using direct memory access (DMA) to access memory regions of other guests. The principles we suggest, and that we also have implemented, are purely based on software and standard hardware. No additional virtualization hardware such as an I/O Memory Management Unit (IOMMU) is needed. Instead, the protection of the DMA controller is realized with means of a common ARM MMU only. Overhead occurs only in pre- and postprocessing of DMA transfers and is limited to a few microseconds. The solution was designed with focus on security and the abstract concept of the approach was formally verified.

Place, publisher, year, edition, pages
IEEE , 2012, 20.
Keyword [en]
DMA, virtualization, security, embedded systems, direct memory access, formal verification
National Category
Computer and Information Science
Identifiers
URN: urn:nbn:se:ri:diva-24036DOI: 10.1109/CompEng.2012.6242958ISBN: 978-1-4673-1615-6ISBN: 978-1-4673-1615-6OAI: oai:DiVA.org:ri-24036DiVA: diva2:1043115
Conference
COMPENG 2012
Projects
TNG SecurityPROSPER
Note
ISBN: 978-1-4673-1614-9. Copyright 2012 IEEE. Published in the Proceedings of the 2nd IEEE International Conference on Complexity in Engineering, June 11-13, 2012, Aachen, Germany. DOI: 10.1109/CompEng.2012.6242958. Obtainable from http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6242958. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works.Available from: 2016-10-31 Created: 2016-10-31

Open Access in DiVA

fulltext(153 kB)4 downloads
File information
File name FULLTEXT01.pdfFile size 153 kBChecksum SHA-512
ab43856d2b5df0b7e3cd4a6f3f1fa1e071852d76d241dee6c0296593b4a3024f14813e2a80d27d4ec39805431533f6195f4c0b28192acccc282e934fbfb8e6f6
Type fulltextMimetype application/pdf

Other links

Publisher's full texthttp
By organisation
SICS
Computer and Information Science

Search outside of DiVA

GoogleGoogle Scholar
Total: 4 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Altmetric score

Total: 4 hits
ReferencesLink to record
Permanent link

Direct link