Securing virtual machines with AMD Zen CPU architecture and instruction set

Bibliographic Details
Main Authors: Sokolovskyi, V. S., Karpinets, V. V., Yaremchuk, Yu. E., Prisyagniy, D. P., Pryimak, A. V.
Format: Article
Language: Ukrainian
Published: Інститут проблем реєстрації інформації НАН України, 2018
Online Access: http://drsp.ipri.kiev.ua/article/view/158525
Description
Summary: The paper demonstrates the development of a security subsystem for a virtualization environment using the hardware-accelerated cryptography API of the AMD Zen CPU and its instruction set for security tasks, including but not limited to protection against unauthorized memory access, data leaks, hypervisor breach, external attacks and malware spreading via the Internet. The method in question uses real-time memory encryption and decryption, with memory bandwidth and computing power sufficient for seamless hypervisor and server operation, virtual machine live migration and secure export; it demonstrates the capabilities of the on-board ARM Cortex-A5 cryptography processor core for these tasks, and provides secure asymmetric key exchange that is invisible and inaccessible to any software other than the internal Trusted Platform Module and its inner DRAM memory controller, in order to guarantee a high level of virtual environment security and sufficient resistance to most active attacks with minimal computation overhead, suitable for most real-life virtualization-based workload scenarios. The example subsystem specifically targets the Microsoft Windows 10 operating system; however, software support for other operating systems (including UNIX-based ones) may already be provided by the appropriate vendors, including enterprise-ready solutions from Cisco, Dell, HP, etc.