Using Kernel Hypervisors to Secure Applications

T. Mitchem, R. Lu & R. O'Brien

This paper describes an approach for selectively hardening COTS components to provide robustness and security. Using the concept of a loadable module, "kernel hypervisors" have been implemented on a Linux kernel. These kernel hypervisors provide kernel based security wrappers for application specific security requirements and can be used to provide replication services as well.

A framework has been developed based on a master kernel hypervisor, whose job is to coordinate installation and removal of individual client kernel hypervisors and to provide a means for management of these clients. The framework allows client kernel hypervisors to be stacked so that a variety of application specific policies can be implemented, each by means of its own kernel hypervisor. The hypervisors run in the kernel, but since they are loadable modules, they do not require that the kernel be modified.

Kernel hypervisors have a number of potential applications, including protecting user systems from malicious active content downloaded via a Web browser and wrapping servers and firewall services for limiting possible compromises.