Sung-Min Lee

Fine-grained I/O access control of the mobile devices based on the Xen architecture

System virtualization is now available for mobile devices allowing for many advantages. Two of the major benefits from virtualization are system fault isolation and security. The isolated driver domain (IDD) model, a widely adopted architecture, enables strong system fault isolation by limiting the impact of driver faults to the driver domain itself. However, excessive I/O requests from a malicious domain to an IDD can cause CPU overuse of the IDD and performance degradation of applications in the IDD and other domains that share the same I/O device with the malicious do-main. If the IDD model is applied to mobile devices, this failure of performance isolation could also lead to battery drain, and thus it introduces a new severe threat to mobile devices. In order to solve this problem, we propose a fine-grained I/O access control mechanism in an IDD. Requests from guest domains are managed by an accounting module in terms of CPU usage, with the calcula-tion of estimated CPU consumption using regression equations. The requests are scheduled by an I/O access control enforcer ac-cording to security policies. As a result, our mechanism provides precise control on the CPU usage of a guest domain due to I/O device access, and prevents malicious guest domains from CPU overuse, performance degradation, and battery drain. We have implemented a prototype of our approach considering both network and storage devices with a real smart phone (SGH-i780) that runs two para-virtualized Linux kernels on top of Secure Xen on ARM. The evaluation shows our approach effectively protects a smart phone against excessive I/O attacks and guarantees availability.

Fine-grained I/O access control based on Xen virtualization for 3G/4G mobile devices

Although Xens isolated driver domain (IDD) model enables strong system isolation by limiting the impact of driver faults to the driver domain itself, it results in severe security problems when malware in a guest domain tries to abuse mobile devices limited system resources by sending an extreme number of I/O requests to the IDD. In order to solve this problem, this paper presents a fine-grained I/O access control mechanism in an IDD. Requests from guest domains are managed by an accounting module in terms of CPU usage, with the calculation of estimated CPU consumption using regression equations. The requests are scheduled by an I/O access control enforcer according to security policies. As a result, our mechanism provides precise control on the CPU usage of a guest domain due to I/O device access, and prevents compromised guest domains from CPU overuse, performance degradation, and battery drain. We have implemented a prototype of our approach considering both network and storage devices with a real smart phone (SGH-i780) that runs two para-virtualized Linux kernels on top of Secure Xen on ARM. The evaluation shows our approach effectively protects a smart phone against excessive I/O attacks and guarantees availability.

Dynamic CPU resource allocation for multicore CE devices running multiple operating systems

This paper presents a novel resource allocation scheme for multicore-based high-end CE devices running multiple operating systems by leveraging virtualization. Different from existing virtualization technology for CE devices, our approach dynamically allocates multicore resources to each operating system according to workload characteristics to maximize the multicore utilization and the performance of each operating system. The proposed scheme is designed and implemented based on Xen-ARM which is the Xen port to ARM processors. Our experimental results show that the proposed scheme improves the performance of an IO-bound domain up to 250% compared to existing approach.

Seamless windowing for a future CE device running multiple operating systems

This paper presents a seamless windowing architecture for a virtualized CE device on which operating systems run simultaneously. Our approach allows users to run applications on multiple software platforms as if on a single platform.

A Virtual Window System for CE Devices Based on System Virtualization

Owing to the benefits of system virtualization, even CE devices have come to take advantage of the technology. However, due to the lack of windowing system which fits virtualization-based CE devices, it is not only inefficient but also difficult for end users to utilize the CE devices running multiple domains. In this paper we present an effective virtual window system for CE devices based on system virtualization. Our approach has three major advantages: (1) by modifying X window system, it provides shared windowing services between domains without dependency of a specific network protocol; (2) by providing a unified graphical user interface which integrates icons of all the applications from every domain, it frees users from remembering which applications are located in which domain and from doing tedious operations for application launching and installation; (3) it provides efficiency in terms of size (storage and memory) and performance to CE devices. We have implemented a prototype of the virtual window system on the basis of Secure Xen on ARM. Our evaluation shows that our approach is usable and efficient enough to be practically adopted for CE devices based on system virtualization.

Content-Sharing for Dummies: A Secure and Usable Mechanism in Wi-Fi Infrastructure Home Networks

This paper proposes a content-sharing mechanism, which is both secure and usable for wireless guest devices. It is very difficult for average users to allow a guest device to share its content with the users’ devices supporting the principle of least privilege in the current Wi-Fi infrastructure home network environment. As a result, most people do not configure the security feature of their devices. The proposed mechanism frees users from security and tedious operations, thus enabling secure content sharing by a simple and intuitive user interaction via just one touch. Our evaluation shows that the proposed mechanism is secure and usable. Keywords-