Skip to main content
SpringerLink
Log in

TransPro: Mandatory Sensitive Information Protection Based on Virtualization and Encryption

  • Conference paper
  • First Online:
Cloud Computing and Security (ICCCS 2016)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 10039))

Included in the following conference series:

  • 1348 Accesses

Abstract

With the growing population of networked devices, the potential risk of leaking sensitive data has been seriously increased. This paper proposes a novel approach named TransPro based on virtualization technology, which can provide mandatory protected transmission between different network hosts. Through TransPro, all output sensitive data is encrypted before sent to network, and all input network data is decrypted before handled by the sensitive application. TransPro works in the host OS and VMM, and it does not need to manually modify application code. We have evaluated TransPro using security analysis and attack tests. The results show that TransPro can offer a safe information transmission with a little overhead.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    It also can be allocated by the existing certification network. To simplify the implementation, the certification is manually allocated with self protocol, and TransPro can work in the LAN network for this design.

References

  1. Zhou, M., Zhang, R., Xie, W., Qian, W., Zhou, A.: Security and privacy in cloud computing: a survey. In: 2010 Sixth International Conference on Semantics Knowledge and Grid, pp. 105–112 (2010)

    Google Scholar 

  2. Pang, D.Q., Zhang, A., Xie, C.: Realization proposal and security model of operating system based on credible computation. J. Liuzhou Vocat. Tech. Coll. 11(4), 51–54 (2011)

    Google Scholar 

  3. Chen, H., Mao, Y., Wang, X., Zhou, D., Zeldovich, N., Kaashoek, M.F.: Linux kernel vulnerabilities: state-of-the-art defenses and open problems. Second Asia-Pac. Workshop Syst. 5, 1–5 (2011)

    Google Scholar 

  4. Barrantes, G., Ackley, D.H., Palmer, T.S., Zovi, D.D., Forrest, S., Stefanovi, D.: Randomized instruction set emulation to disrupt binary code injection attacks. ACM Trans. Inf. Syst. Secur. 8(1), 3–40 (2005)

    Article  Google Scholar 

  5. Sandhu, R.S., Edward, J.C., Hal, L.F., Charles, E.Y.: Role-based access control models. IEEE Comput. 2, 38–47 (1996)

    Article  Google Scholar 

  6. Kyle, D., Brustoloni, J.C.: UCLinux: a linux security module for trusted-computing-based usage controls enforcement. In: ACM Workshop on Scalable Trusted Computing, pp. 63–70 (2007)

    Google Scholar 

  7. Yongjun, R., Jian, S., Jin, W., Jin, H., Sungyoung, L.: Mutual verifiable provable data auditing in public cloud storage. J. Internet Technol. 16(2), 317–323 (2015)

    Google Scholar 

  8. Jian, S., Sangman, M., Ilyong, C.: Enhanced secure sensor association and key management in wireless body area networks. J. Commun. Netw. 17(5), 453–462 (2015)

    Article  Google Scholar 

  9. Ma, T., Zhou, J., Tang, M., Tian, Y., Al-Dhelaan, A., Al-Rodhaan, M., Lee, S.: Social network and tag sources based augmenting collaborative recommender system. IEICE Trans. Inf. Syst. E98–D(4), 902–910 (2015)

    Article  Google Scholar 

  10. Fu, Z., Sun, X., Liu, Q., Zhou, L., Shu, J.: Achieving efficient cloud search services: multi-keyword ranked search over encrypted cloud data supporting parallel computing. IEICE Trans. Commun. E98–B(1), 190–200 (2015)

    Article  Google Scholar 

  11. Embleton, S., Sparks, S., Zou, C.C.: SMM rootkit: a new breed of OS independent malware. Secur. Commun. Netw. 6(12), 1590–1605 (2013)

    Article  Google Scholar 

  12. Mann, C., Starostin, A.: A framework for static detection of privacy leaks in android applications. In: The 27th Annual ACM Symposium on Applied Computing, pp. 1457–1462 (2012)

    Google Scholar 

  13. Seifert, J., De Luca, A., Conradi, B., Hussmann, H.: TreasurePhone: context-sensitive user data protection on mobile phones. In: Floréen, P., Krüger, A., Spasojevic, M. (eds.) Pervasive 2010. LNCS, vol. 6030, pp. 130–137. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  14. Garfinkel, T., Pfaff, B., Chow, J., Rosenblum, M., Boneh, D.: Terra: a virtual machine-based platform for trusted computing. ACM SIGOPS Oper. Syst. Rev. 37(5), 193–206 (2003)

    Article  Google Scholar 

  15. Tan, L., Chan, E.M., Farivar, R., Mallick, N.: iKernel: isolating buggy and malicious device drivers using hardware virtualization support. In: The 3rd IEEE International Symposium on Dependable, Autonomic and Secure Computing, pp. 134–144 (2007)

    Google Scholar 

  16. Perez, R., van Doorn, L., Sailer, R.: Virtualization and hardware-based security. IEEE Secur. Priv. 6(5), 24–31 (2008)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Tsinghua National Laboratory for Information Science and Technology, Computer Science and Technology, Tsinghua University, Beijing, 100084, China

    Xue-Zhi Xie, Hu-Qiu Liu & Yu-Ping Wang

Authors
  1. Xue-Zhi Xie
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hu-Qiu Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yu-Ping Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yu-Ping Wang .

Editor information

Editors and Affiliations

  1. University of Information Science and Technology, Nanjing, China

    Xingming Sun

  2. Michigan State University , EAST LANSING, Michigan, USA

    Alex Liu

  3. National Dong Hwa University , Shoufeng, Taiwan

    Han-Chieh Chao

  4. Purdue University , West Lafayette, Indiana, USA

    Elisa Bertino

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing AG

About this paper

Cite this paper

Xie, XZ., Liu, HQ., Wang, YP. (2016). TransPro: Mandatory Sensitive Information Protection Based on Virtualization and Encryption. In: Sun, X., Liu, A., Chao, HC., Bertino, E. (eds) Cloud Computing and Security. ICCCS 2016. Lecture Notes in Computer Science(), vol 10039. Springer, Cham. https://doi.org/10.1007/978-3-319-48671-0_39

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-48671-0_39

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-48670-3

  • Online ISBN: 978-3-319-48671-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation