TY - GEN
T1 - NoHype
T2 - 37th International Symposium on Computer Architecture, ISCA 2010
AU - Keller, Eric
AU - Szefer, Jakub
AU - Rexford, Jennifer L.
AU - Lee, Ruby Bei-Loh
PY - 2010
Y1 - 2010
N2 - Cloud computing is a disruptive trend that is changing the way we use computers. The key underlying technology in cloud infrastructures is virtualization - so much so that many consider virtualization to be one of the key features rather than simply an implementation detail. Unfortunately, the use of virtualization is the source of a significant security concern. Because multiple virtual machines run on the same server and since the virtualization layer plays a considerable role in the operation of a virtual machine, a malicious party has the opportunity to attack the virtualization layer. A successful attack would give the malicious party control over the all-powerful virtualization layer, potentially compromising the confidentiality and integrity of the software and data of any virtual machine. In this paper we propose removing the virtualization layer, while retaining the key features enabled by virtualization. Our NoHype architecture, named to indicate the removal of the hypervisor, addresses each of the key roles of the virtualization layer: arbitrating access to CPU, memory, and I/O devices, acting as a network device (e.g., Ethernet switch), and managing the starting and stopping of guest virtual machines. Additionally, we show that our NoHype architecture may indeed be "no hype" since nearly all of the needed features to realize the NoHype architecture are currently available as hardware extensions to processors and I/O devices.
KW - Cloud computing
KW - Hypervisor
KW - Many-core
KW - Multi-core
KW - Security
KW - System architecture
KW - Virtualization
UR - http://www.scopus.com/inward/record.url?scp=77954969841&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=77954969841&partnerID=8YFLogxK
U2 - 10.1145/1815961.1816010
DO - 10.1145/1815961.1816010
M3 - Conference contribution
AN - SCOPUS:77954969841
SN - 9781450300520
T3 - Proceedings - International Symposium on Computer Architecture
SP - 350
EP - 361
BT - ISCA 2010 - The 37th Annual International Symposium on Computer Architecture, Conference Proceedings
Y2 - 19 June 2010 through 23 June 2010
ER -