Memory isolation through address translation data edit control
作者: Bryan Mark Willman , Paul England , Marcus Peinado
DOI:
关键词:
摘要: Isolated memory is implemented by controlling changes to address translation maps. Control over the maps can be exercised in such a way that no virtual referring an isolated page exposed any untrusted process. Requests edit entry map are evaluated ensure will not cause point memory. change which active activated does Preferably, these evaluations performed trusted component environment, since isolation of depends on evaluation being compromised. In systems require all access requests identify their target address, preventing from pointing portion effectively prevents memory, thereby creating
lens.org 参考文章(9)
Ben Catanzaro, Multiprocessor System Architectures ,(1994)
Vincent J. Zimmer, Hardened extensible firmware framework ,(2002)
Edouard Bugnion, Scott Devine, Kinshuk Govil, Mendel Rosenblum, Disco: running commodity operating systems on scalable multiprocessors ACM Transactions on Computer Systems. ,vol. 15, pp. 412- 447 ,(1997) , 10.1145/265924.265930
Karl L. Ginter, Francis J. Spahn, Victor H. Shear, David M. Van Wie, Systems and Methods for Secure Transaction Management and Electronic Rights Protection ,(2010)
Carl A. Waldspurger, Memory resource management in VMware ESX server ACM SIGOPS Operating Systems Review. ,vol. 36, pp. 181- 194 ,(2002) , 10.1145/844128.844146
Robert P. Goldberg, Survey of virtual machine research Computer. ,vol. 7, pp. 34- 45 ,(1974) , 10.1109/MC.1974.6323581
Gerald J. Popek, Robert P. Goldberg, Formal requirements for virtualizable third generation architectures Communications of the ACM. ,vol. 17, pp. 412- 421 ,(1974) , 10.1145/361011.361073
Charles R. Landau, Method and apparatus for managing invalidation of virtual memory mapping table entries ,(1998)