
Chapter 2 Background Information

2.2 Overview of Virtualization

Virtualization technologies (which cover physical operating systems (OS) and many types of computer systems and platforms) are used to consolidate multiple physical machines onto a single physical machine. In other words, multiple virtual machines (VMs) can run on a single physical machine.

Virtualization technology (VT) is a mature and important technology and an innovative methodology in the computer science domain, and it is also a low-cost concept at present. The earliest conception of virtualization was a method proposed by IBM in 1960 and set up on the IBM System 360-67 mainframe. VT has become an important tool and technique [8] for the design and evolutionary development of computer systems. Furthermore, VT enables security researchers to run multiple operating systems concurrently on a single physical machine, where each OS runs as a self-contained computer. VT can be used for research or to support business through cost-effective utilization of IT infrastructure.

In this thesis, however, VT is treated as a fundamental technological innovation that allows skilled IT security experts or security researchers to design and apply creative new solutions to security challenges. Virtualization includes various types of technologies; this section briefly introduces full virtualization, hardware-assisted virtualization and paravirtualization, presented in Sections 2.2.1 to 2.2.3.

2.2.1 Full Virtualization

Full virtualization establishes a complete virtual operating system, known as the guest OS, which operates directly in the local operating system and uses the virtual machine monitor (VMM) [7] to control system resources without any need to modify the guest OS or application programs (apps). Currently, full virtualization still adopts the Binary Translation (BT) [11] approach: CPU instructions are executed under Ring 0, so the lowest-level hardware can be accessed directly and the access is then sent to the VMM for further handling. The advantage of full virtualization is that it can host the most diverse platforms without modifying the guest OS kernel; its weakness is relatively lower efficiency.

2.2.2 Hardware-assisted Virtualization

Intel® VT-x and AMD-V™ are the two hardware virtualization technologies at present. This approach was added to x86 processors in 2006. Both add a new execution mode to the CPU, called root mode. The Virtual Machine Monitor (VMM) [7] operates in root mode, which sits beneath Ring 0, on the same layer as the VMM. The state of the guest OS is preserved in the Virtual Machine Control Structure or, for AMD-V™, the Virtual Machine Control Block. CPUs that support Intel® VT-x or AMD-V™ can use the hardware-assisted virtualization function.

2.2.3 Xen Paravirtualization

Xen paravirtualization is acknowledged as the fastest and safest software virtualization technology in the industry at present. Compared with full virtualization, it incurs less than about 10% system overhead. In basic testing of the Xen Source virtual machine, it generally consumes less than 5% of system performance, which can be regarded as a breakthrough for related technologies. By contrast, the overhead of other virtualization technologies reaches 35% or even higher [12][15]. Therefore, the main advantage of paravirtualization is that it provides higher efficiency across a wider range of applications than full virtualization; its weakness is the need to modify the guest operating system's kernel.

Development of Xen [12][13] began in 2002 on the x86 platform at the Computer Experiment Lab of the University of Cambridge, UK. It is open-source software, developed in conformance with the GNU Public License (GPL). Its main purpose is to modify current operating systems on the current x86 architecture using the simplest possible approach while achieving better virtualization efficiency than current virtualization technologies [9][14].

By comparison, VMware [7][9] proposed a paravirtualization interface in 2005, named the Virtual Machine Interface (VMI) [14]. With the paravirtualization technology adopted by Xen, the Xen guest OS kernel [12] can only run on the Xen® hypervisor [10][12][14][15], whereas a VMI guest OS can be supported on various hypervisors. Adopting Xen paravirtualization requires modifying and recompiling the operating system kernel of the guest OS. Because each approach has its own advantages and drawbacks, they can be deployed flexibly according to actual requirements.

Dr. Ian Pratt [12], leader and founder of the Xen Source R&D team, indicates that the main feature of paravirtualization is that it provides speed similar to that of its operating system. Paravirtualization thus offers a higher-performance computing environment and is also the fastest and most secure virtualization technology at present.

Xen adopted the Borrowed Virtual Time (BVT) scheduling algorithm, which was proposed by Kenneth J.D. and David R.C. [24] at Stanford University in 1999. The R&D team's main purpose in applying this algorithm to Xen is to reduce the system events that may influence the operating efficiency of the virtualization system. When a domain receives an event, the algorithm gives it lower latency after the event occurs.
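
A simplified model of BVT dispatch, added here as an illustration (it is not Xen's scheduler code and not from the thesis): each domain's virtual time advances by run time divided by its weight, the lowest effective virtual time runs next, and a woken domain with a warp value borrows virtual time so it is dispatched sooner. The domain names, weights, quantum and warp value are constructed, and the context-switch allowance of the full algorithm is left out.

```python
from dataclasses import dataclass

@dataclass
class Domain:
    name: str
    weight: int            # CPU share: virtual time advances by run_time / weight
    warp: float = 0.0      # virtual time the domain may borrow after an event
    avt: float = 0.0       # actual virtual time A_i
    warped: bool = False
    runnable: bool = True

    @property
    def evt(self) -> float:
        # Effective virtual time E_i = A_i - W_i while warped, else A_i.
        return self.avt - (self.warp if self.warped else 0.0)

def wake(dom, domains):
    # A_i = max(A_i, SVT): a sleeping domain cannot bank credit while blocked.
    svt = min((d.avt for d in domains if d.runnable), default=dom.avt)
    dom.avt = max(dom.avt, svt)
    dom.runnable, dom.warped = True, dom.warp > 0

def simulate(warp, slices=12, event_tick=6, quantum=10.0):
    """Return the per-slice dispatch trace; 'io' sleeps until event_tick."""
    io = Domain("io", weight=1, warp=warp, runnable=False)
    domains = [Domain("cpu1", weight=2), Domain("cpu2", weight=1), io]
    trace = []
    for tick in range(slices):
        if tick == event_tick:
            wake(io, domains)
        # Lowest EVT runs next; ties go to list order (io is last: worst case).
        cur = min((d for d in domains if d.runnable), key=lambda d: d.evt)
        cur.avt += quantum / cur.weight
        trace.append(cur.name)
        if cur is io:                      # handle the event, then block again
            io.runnable = io.warped = False
    return trace

def dispatch_latency(trace, event_tick=6):
    # Slices between the event arriving and the woken domain first running.
    return trace.index("io") - event_tick

if __name__ == "__main__":
    for w in (0.0, 50.0):
        t = simulate(w)
        print(f"warp={w:>4}: latency={dispatch_latency(t)} slices  {t}")
```

Without warp the woken domain only ties with the CPU-bound domains at the scheduler virtual time and waits its turn; with warp its effective virtual time drops below theirs and it runs in the slice in which the event arrives.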
