Windows Vault: Prevention of Virus Infection and Secret Leakage with Secure OS and Virtual Machine

Sameshima, Yoshiki; Saisho, Hideaki; Matsumoto, Tsutomu; Komoda, Norihisa

doi:10.1007/978-3-540-77535-5_10

Yoshiki Sameshima⁴,
Hideaki Saisho⁴,
Tsutomu Matsumoto⁵ &
…
Norihisa Komoda⁶

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4867))

Included in the following conference series:

International Workshop on Information Security Applications

995 Accesses

Abstract

We present an integrated system of two Windows workstations; while the first workstation is prepared to process secret information, the second is for non-secret which may contain computer virus, and the two workstations are integrated into a PC with secure OS, virtual machine and gateways. Since the two workstations are virtually separated at the physical level, the first workstation is not infected by virus, nor is secret leaked out to the Internet, even if the second is infected by unknown virus. Comparing previous work which realizes complete data isolation for intelligence community, user of the proposed system can import data securely from the second workstation to the first through security guaranteed channel between the two workstations. The user can also read e-mail from the Internet on the first without fear of virus infection, and as a result the user does not need to be aware that she/he uses the two workstations.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Gordon, L.A., Loeb, M.P., Lucyshyn, W., Richardson, R.: 2006 CSI/FBI Computer Crime and Security Survey: Computer Security Institute (2006)
Google Scholar
Symantec Reports Rise in Data Theft, Data Leakage, and Targeted Attacks Leading to Hackers’ Financial Gain: News Release (19th March 2007), http://www.symantec.com/about/news/release/article.jsp?prid=20070319_01
McAfee, Inc. Releases New Research Suggesting Data Loss Will Lead To Next Major Corporate Collapse: Press Release (24th April 2007), http://www.symantec.com/about/news/release/article.jsp?prid=20070319_01
Frantzen, S.: Targeted attack: Experience from the trenches: The SANS Institute (May 21, 2006) http://isc.sans.org/diary.html?storyid=1345
Argus Systems Group, Inc.: PitBull.comPack, OS-level Security for Solaris and AIX: White Paper (March 2001), http://www.argus-systems.com/public/docs/pitbull.whitepaper.oss.pdf
Loscocco, P.A., Smalley, S.D.: Meeting Critical Security Objectives with Security-Enhanced Linux. In: Proceedings of the 2001 Ottawa Linux Symposium (2001), http://www.nsa.gov/selinux/papers/ottawa01.pdf
Trusted Computer System Evaluation Criteria; Department of Defense Standard 5200.28-STD (August 1983)
Google Scholar
Christodorescu, M., Jha, S., Seshia, S., Song, D., Bryant, R.E.: Semantics-Aware Malware Detection. In: IEEE Symposium on Security and Privacy (2005)
Google Scholar
HP NetTop: A Technical Overview (December 2004)
Google Scholar
Meushaw, R., Simard, D.: Nettop, Commercial Technology in High Assurance Applications: NSA Tech Trend Notes (Fall 2000), http://www.vmware.com/pdf/TechTrendNotes.pdf
Crystal Dew World, http://crystalmark.info/?lang=en
Trusted Computing Group, TCG Specification Architecture Overview, Specification Revision 1.4 (August 2, 2007)
Google Scholar
Griffin, J.L., Jaeger, T., Perez, R., Sailer, R., van Doorn, L., Caceres, R.: Trusted Virtual Domains: Toward Secure Distributed Services. In: The First Workshop on Hot Topics in System Dependability (June 30, 2005)
Google Scholar
Inoue, H., Ikeno, A., Kondo, M., Sakai, J., Edahiro, M.: VIRTUS: A new processor virtualization architecture for security-oriented next-generation mobile terminals. In: Proceedings of the 43rd annual conference on Design automation, pp. 484–489 (2006)
Google Scholar

Download references

Author information

Authors and Affiliations

Hitachi Software Engineering, Co., Ltd., Japan
Yoshiki Sameshima & Hideaki Saisho
Graduate School of Environment and Information Science, Yokohama National University, Japan
Tsutomu Matsumoto
Graduate School of Information Science and Technology, Osaka University, Japan
Norihisa Komoda

Authors

Yoshiki Sameshima
View author publications
You can also search for this author in PubMed Google Scholar
Hideaki Saisho
View author publications
You can also search for this author in PubMed Google Scholar
Tsutomu Matsumoto
View author publications
You can also search for this author in PubMed Google Scholar
Norihisa Komoda
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Department of Industrial Engineering, KAIST, 373-1, Guseong-dong, Yuseong-gu, 305-701, Daejeon, Korea
Sehun Kim
RSA Labs, EMC Corp. and Department of Computer Science, Columbia University,, USA
Moti Yung
Div. Computer Information of Software, Hanshin University, 411, Yangsan-dong, 447-791, Osan, Gyunggi, South Korea
Hyung-Woo Lee

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Sameshima, Y., Saisho, H., Matsumoto, T., Komoda, N. (2007). Windows Vault: Prevention of Virus Infection and Secret Leakage with Secure OS and Virtual Machine. In: Kim, S., Yung, M., Lee, HW. (eds) Information Security Applications. WISA 2007. Lecture Notes in Computer Science, vol 4867. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77535-5_10

Download citation

DOI: https://doi.org/10.1007/978-3-540-77535-5_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-77534-8
Online ISBN: 978-3-540-77535-5
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics