{"updated":"2025-01-21T13:09:50.085995+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00096759","sets":["581:7002:7344"]},"path":["7344"],"owner":"11","recid":"96759","title":["軽量ハイパバイザによるシステムイメージの完全性保護"],"pubdate":{"attribute_name":"公開日","attribute_value":"2013-12-15"},"_buckets":{"deposit":"986f6c95-0711-463b-96db-c8c405122b70"},"_deposit":{"id":"96759","pid":{"type":"depid","value":"96759","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"軽量ハイパバイザによるシステムイメージの完全性保護","author_link":["0","0"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"軽量ハイパバイザによるシステムイメージの完全性保護"},{"subitem_title":"Protecting System Image Integrity with Lightweight Hypervisors","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"[一般論文] オペレーティングシステム，仮想化技術，セキュリティ","subitem_subject_scheme":"Other"}]},"item_type_id":"2","publish_date":"2013-12-15","item_2_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"筑波大学大学院システム情報工学研究科コンピュータサイエンス専攻"},{"subitem_text_value":"筑波大学大学院システム情報工学研究科コンピュータサイエンス専攻"},{"subitem_text_value":"東京大学情報基盤センター"},{"subitem_text_value":"筑波大学大学院システム情報工学研究科コンピュータサイエンス専攻"}]},"item_2_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Department of Computer Science, Graduate School of Systems and Information Engineering, University of Tsukuba","subitem_text_language":"en"},{"subitem_text_value":"Department of Computer Science, Graduate School of Systems and Information Engineering, University of Tsukuba","subitem_text_language":"en"},{"subitem_text_value":"Information Technology Center, The University of Tokyo","subitem_text_language":"en"},{"subitem_text_value":"Department of Computer Science, Graduate School of Systems and Information Engineering, University of Tsukuba","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/96759/files/IPSJ-JNL5412002.pdf"},"date":[{"dateType":"Available","dateValue":"2015-12-15"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-JNL5412002.pdf","filesize":[{"value":"878.0 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"8"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"ab62bbcb-4b49-434e-9b99-695e79ef39e8","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2013 by the Information Processing Society of Japan"}]},"item_2_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"忠鉢, 洋輔"},{"creatorName":"表, 祐志"},{"creatorName":"品川, 高廣"},{"creatorName":"加藤, 和彦"}],"nameIdentifiers":[{}]}]},"item_2_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Yosuke, Chubachi","creatorNameLang":"en"},{"creatorName":"Yushi, Omote","creatorNameLang":"en"},{"creatorName":"Takahiro, Shinagawa","creatorNameLang":"en"},{"creatorName":"Kazuhiko, Kato","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_2_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AN00116647","subitem_source_identifier_type":"NCID"}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_6501","resourcetype":"journal article"}]},"item_2_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"1882-7764","subitem_source_identifier_type":"ISSN"}]},"item_2_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"近年，オペレーティングシステム（OS）のカーネル権限を不正に取得する攻撃が増加している．攻撃者による永続的な不正アクセスを防ぐためにシステムイメージをOSの外部から保護する研究が行われているが，保護のためのTrusted Computing Base（TCB）が大きくなりがちなこと，正確な保護が行えないことが問題となっている．本研究では，OSから透過的にバイト粒度での保護を実現するハイパバイザの設計と，このハイパバイザに最適化された完全性保護のための情報を生成する手法を示す．さらに，一般的なクライアントOSであるWindows XPとFAT32ファイルシステムを対象に，BitVisorをベースした実装と評価を行った．この結果，全体で31KLOCと小さいTCBのハイパバイザで比較的低オーバヘッドの完全性の保護が実現できることを確認した．","subitem_description_type":"Other"}]},"item_2_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"In recent years, sophisticated attacks to gain unauthorized access to kernel privileges are prevalent. Protecting the system image integrity of operating systems (OSs) from outside of OSs is an effective approach to preventing attackers from persistently gaining unauthorized access. However, protecting system files from outside of OSs is not easy due to the problem of semantic gap between files and storage, making the overhead and the size of trusted computing base (TCB) larger. This paper presents a protection scheme using a lightweight hypervisor for protecting system image integrity. This scheme achieves strict file-level protection by using byte-granularity storage location information based on the specifications of file systems and achieves lightweight protection by using a tiny hypervisor that only passively performs byte-granularity inspection. We have built a prototype implementation supporting Windows XP on the FAT filesystem and confirmed that the size of the TCB is 31KLOC and the hypervisor incurs only small overhead.","subitem_description_type":"Other"}]},"item_2_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"2412","bibliographic_titles":[{"bibliographic_title":"情報処理学会論文誌"}],"bibliographicPageStart":"2402","bibliographicIssueDates":{"bibliographicIssueDate":"2013-12-15","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"12","bibliographicVolumeNumber":"54"}]},"relation_version_is_last":true,"weko_creator_id":"11"},"created":"2025-01-18T23:43:29.955745+00:00","id":96759,"links":{}}