Function for Tracing Diffusion of Classified Information to Support Multiple VMs with KVM

Kohei Otani; Toshiki Okazaki; Toshihiro Yamauchi; Hideaki Moriyama; Masaya Sato; Hideo Taniguchi

doi:10.1109/CANDARW53999.2021.00066

Function for Tracing Diffusion of Classified Information to Support Multiple VMs with KVM

Kohei Otani, Toshiki Okazaki, Toshihiro Yamauchi, Hideaki Moriyama, Masaya Sato, Hideo Taniguchi

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

To handle information leaks caused by administrative errors or mishandling, a function for tracing the diffusion of classified information using a virtual machine monitor (VMM) was proposed. However, the proposed function has not been investigated in cases in which virtual machines (VMs) allocated by multiple virtual central processing units (vCPUs) are to be monitored. In addition, cases in which multiple VMs are monitored have not been examined. In this study, we describe the support of multiple VMs for the proposed VMM-based tracing function. We also show how to deal with VMs allocated by multiple vCPUs. Furthermore, we report the evaluation results from assessing the traceability of the improved proposed method and its overhead for classified information when a VM with multiple vCPUs is monitored.

Original language	English
Title of host publication	Proceedings - 2021 9th International Symposium on Computing and Networking Workshops, CANDARW 2021
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	352-358
Number of pages	7
ISBN (Electronic)	9781665428354
DOIs	https://doi.org/10.1109/CANDARW53999.2021.00066
Publication status	Published - 2021
Event	9th International Symposium on Computing and Networking Workshops, CANDARW 2021 - Virtual, Online, Japan Duration: Nov 23 2021 → Nov 26 2021

Publication series

Name	Proceedings - 2021 9th International Symposium on Computing and Networking Workshops, CANDARW 2021

Conference

Conference	9th International Symposium on Computing and Networking Workshops, CANDARW 2021
Country/Territory	Japan
City	Virtual, Online
Period	11/23/21 → 11/26/21

Keywords

Information leak prevention
Virtualization
VMM

ASJC Scopus subject areas

Artificial Intelligence
Computer Networks and Communications
Information Systems
Software

Access to Document

10.1109/CANDARW53999.2021.00066

Cite this

Otani, K., Okazaki, T., Yamauchi, T., Moriyama, H., Sato, M., & Taniguchi, H. (2021). Function for Tracing Diffusion of Classified Information to Support Multiple VMs with KVM. In Proceedings - 2021 9th International Symposium on Computing and Networking Workshops, CANDARW 2021 (pp. 352-358). (Proceedings - 2021 9th International Symposium on Computing and Networking Workshops, CANDARW 2021). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CANDARW53999.2021.00066

Function for Tracing Diffusion of Classified Information to Support Multiple VMs with KVM. / Otani, Kohei; Okazaki, Toshiki; Yamauchi, Toshihiro et al.
Proceedings - 2021 9th International Symposium on Computing and Networking Workshops, CANDARW 2021. Institute of Electrical and Electronics Engineers Inc., 2021. p. 352-358 (Proceedings - 2021 9th International Symposium on Computing and Networking Workshops, CANDARW 2021).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Otani, K, Okazaki, T, Yamauchi, T, Moriyama, H, Sato, M & Taniguchi, H 2021, Function for Tracing Diffusion of Classified Information to Support Multiple VMs with KVM. in Proceedings - 2021 9th International Symposium on Computing and Networking Workshops, CANDARW 2021. Proceedings - 2021 9th International Symposium on Computing and Networking Workshops, CANDARW 2021, Institute of Electrical and Electronics Engineers Inc., pp. 352-358, 9th International Symposium on Computing and Networking Workshops, CANDARW 2021, Virtual, Online, Japan, 11/23/21. https://doi.org/10.1109/CANDARW53999.2021.00066

Otani K, Okazaki T, Yamauchi T, Moriyama H, Sato M, Taniguchi H. Function for Tracing Diffusion of Classified Information to Support Multiple VMs with KVM. In Proceedings - 2021 9th International Symposium on Computing and Networking Workshops, CANDARW 2021. Institute of Electrical and Electronics Engineers Inc. 2021. p. 352-358. (Proceedings - 2021 9th International Symposium on Computing and Networking Workshops, CANDARW 2021). doi: 10.1109/CANDARW53999.2021.00066

Otani, Kohei ; Okazaki, Toshiki ; Yamauchi, Toshihiro et al. / Function for Tracing Diffusion of Classified Information to Support Multiple VMs with KVM. Proceedings - 2021 9th International Symposium on Computing and Networking Workshops, CANDARW 2021. Institute of Electrical and Electronics Engineers Inc., 2021. pp. 352-358 (Proceedings - 2021 9th International Symposium on Computing and Networking Workshops, CANDARW 2021).

@inproceedings{0fa078a625994ac78988b89b2a06447d,

title = "Function for Tracing Diffusion of Classified Information to Support Multiple VMs with KVM",

abstract = "To handle information leaks caused by administrative errors or mishandling, a function for tracing the diffusion of classified information using a virtual machine monitor (VMM) was proposed. However, the proposed function has not been investigated in cases in which virtual machines (VMs) allocated by multiple virtual central processing units (vCPUs) are to be monitored. In addition, cases in which multiple VMs are monitored have not been examined. In this study, we describe the support of multiple VMs for the proposed VMM-based tracing function. We also show how to deal with VMs allocated by multiple vCPUs. Furthermore, we report the evaluation results from assessing the traceability of the improved proposed method and its overhead for classified information when a VM with multiple vCPUs is monitored. ",

keywords = "Information leak prevention, Virtualization, VMM",

author = "Kohei Otani and Toshiki Okazaki and Toshihiro Yamauchi and Hideaki Moriyama and Masaya Sato and Hideo Taniguchi",

note = "Funding Information: This work was partially supported by JSPS KAKENHI Grant Number 19H04109. Publisher Copyright: {\textcopyright} 2021 IEEE.; 9th International Symposium on Computing and Networking Workshops, CANDARW 2021 ; Conference date: 23-11-2021 Through 26-11-2021",

year = "2021",

doi = "10.1109/CANDARW53999.2021.00066",

language = "English",

series = "Proceedings - 2021 9th International Symposium on Computing and Networking Workshops, CANDARW 2021",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "352--358",

booktitle = "Proceedings - 2021 9th International Symposium on Computing and Networking Workshops, CANDARW 2021",

}

TY - GEN

T1 - Function for Tracing Diffusion of Classified Information to Support Multiple VMs with KVM

AU - Otani, Kohei

AU - Okazaki, Toshiki

AU - Yamauchi, Toshihiro

AU - Moriyama, Hideaki

AU - Sato, Masaya

AU - Taniguchi, Hideo

PY - 2021

Y1 - 2021

N2 - To handle information leaks caused by administrative errors or mishandling, a function for tracing the diffusion of classified information using a virtual machine monitor (VMM) was proposed. However, the proposed function has not been investigated in cases in which virtual machines (VMs) allocated by multiple virtual central processing units (vCPUs) are to be monitored. In addition, cases in which multiple VMs are monitored have not been examined. In this study, we describe the support of multiple VMs for the proposed VMM-based tracing function. We also show how to deal with VMs allocated by multiple vCPUs. Furthermore, we report the evaluation results from assessing the traceability of the improved proposed method and its overhead for classified information when a VM with multiple vCPUs is monitored.

AB - To handle information leaks caused by administrative errors or mishandling, a function for tracing the diffusion of classified information using a virtual machine monitor (VMM) was proposed. However, the proposed function has not been investigated in cases in which virtual machines (VMs) allocated by multiple virtual central processing units (vCPUs) are to be monitored. In addition, cases in which multiple VMs are monitored have not been examined. In this study, we describe the support of multiple VMs for the proposed VMM-based tracing function. We also show how to deal with VMs allocated by multiple vCPUs. Furthermore, we report the evaluation results from assessing the traceability of the improved proposed method and its overhead for classified information when a VM with multiple vCPUs is monitored.

KW - Information leak prevention

KW - Virtualization

KW - VMM

UR - http://www.scopus.com/inward/record.url?scp=85124161512&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85124161512&partnerID=8YFLogxK

U2 - 10.1109/CANDARW53999.2021.00066

DO - 10.1109/CANDARW53999.2021.00066

M3 - Conference contribution

AN - SCOPUS:85124161512

T3 - Proceedings - 2021 9th International Symposium on Computing and Networking Workshops, CANDARW 2021

SP - 352

EP - 358

BT - Proceedings - 2021 9th International Symposium on Computing and Networking Workshops, CANDARW 2021

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 9th International Symposium on Computing and Networking Workshops, CANDARW 2021

Y2 - 23 November 2021 through 26 November 2021

ER -

Function for Tracing Diffusion of Classified Information to Support Multiple VMs with KVM

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this