The Experts below are selected from a list of 54 Experts worldwide ranked by ideXlab platform
Kenichi Kourai - One of the best experts on this subject based on the ideXlab platform.
-
CLOUD - VM Migration for Secure Out-of-band Remote Management with Nested Virtualization
2020 IEEE 13th International Conference on Cloud Computing (CLOUD), 2020Co-Authors: Tomoya Unoki, Kenichi KouraiAbstract:Infrastructure-as-a-Service clouds provide out-of-band remote management of the systems in virtual machines (VMs). This management method enables users to manage their systems even on several types of failures inside VMs. In this method, users access virtual devices of their VMs, but virtual devices are not sufficiently protected against untrusted cloud operators. For secure out-of-band remote management, previous work securely runs shadow devices outside an untrusted virtualized system using nested virtualization. However, the states of shadow devices are lost during VM migration. In this paper, we propose USShadow for continuing secure out-of-band remote management after VM migration. USShadow enables the migration manager inside the virtualized system to transparently and securely save and restore the states of shadow devices outside it. We have implemented USShadow, which supports Xen and KVM as virtualized systems. Then, we confirmed that USShadow could continue virtual Serial Console and that the migration overhead was negligible.
-
ACSAC - Secure Out-of-band Remote Management of Virtual Machines with Transparent Passthrough
Proceedings of the 34th Annual Computer Security Applications Conference, 2018Co-Authors: Shota Futagami, Tomoya Unoki, Kenichi KouraiAbstract:Infrastructure-as-a-Service clouds provide out-of-band remote management for users to access their virtual machines (VMs). Out-of-band remote management is a method for indirectly accessing VMs via their virtual devices. While virtual devices running in the virtualized system are managed by cloud operators, not all cloud operators are always trusted in clouds. To prevent information leakage from virtual devices and tampering with their I/O data, several systems have been proposed by trusting the hypervisor in the virtualized system. However, they have various issues on security and management. This paper proposes VSBypass, which enables secure out-of-band remote management outside the virtualized system using a technique called transparent passthrough. VSBypass runs the entire virtualized system in an outer VM using nested virtualization. Then it intercepts I/O requests of out-of-band remote management and processes those requests in shadow devices, which run outside the virtualized system. We have implemented VSBypass in Xen for the virtual Serial Console and GUI remote access. We confirmed that information leakage was prevented and that the performance was comparable to that in traditional out-of-band remote management.
Dežman Anže - One of the best experts on this subject based on the ideXlab platform.
-
New feature for Arduino Integrated Developement Environment
2018Co-Authors: Dežman AnžeAbstract:The open-source Arduino Integrated Development Environment allows the programmer to not only upload programs to a micro controller with a wired Serial connection, but also over the network with the use of Over The Air programming, shortened to OTA. This protocol, however, does not support the sending of debug output from the micro controller to the Serial Console, because this functionality depends on a Serial connection that is lost when using OTA. The goal of this diploma paper was reroute debug output over Serial connection to debug output over network. We began by reviewing the source code and familiarized ourselves with the default process of sending the debug output over Serial connection and the workings of Arduino’s Serial Console. Afterwards we developed an Arduino library which reroutes debug output over the network and then we modified the Arduino IDE to allow said debug output over network to be shown in its modified Serial Console. This diploma paper includes the description of our library’s source code, its functionality, the description of our modifications to the Arduino Integrated Development Environment as well as a simple use case of our library. Our library was tested on WEMOS D1 mini development board, which is based around the ESP8266 micro controller. In the course of development C++ and Java programming languages were used
-
New feature for Arduino Integrated Developement Environment
2018Co-Authors: Dežman AnžeAbstract:Odprtokodno razvojno okolje Arduino IDE nam poleg prenosa programov na mikrokontroler preko žične serijske povezave nudi tudi način prenosa programov preko omrežja z uporabo protokola OTA (angl. Over The Air). Ta protokol pa ne podpira pošiljanja testnih izpisov iz mikrokontrolerja v serijsko konzolo, saj je ta funkcionalnost vezana na serijsko povezavo, ki se z uporabo OTA izgubi. Cilj diplomske naloge je bil preusmeriti testne izpise preko serijske povezave v testne izpise preko omrežja. Najprej smo se s pregledom izvorne kode seznanili s privzetim postopkom pošiljanja testnih izpisov preko serijske povezave ter z delovanjem serijske konzole okolja Arduino IDE. Nato smo razvili Arduino knjižnico za preusmeritev testnih izpisov in nadgradili razvojno okolje Arduino IDE tako, da te testne izpise preko omrežja sprejme in prikaže na spremenjeni serijski konzoli. Diplomska naloga vsebuje opis izvorne kode in delovanja naše knjižnice, opis naših sprememb okolja Arduino IDE ter preprost primer uporabe naše knjižnice. Za testiranje Arduino knjižnice smo uporabili razvojno ploščico WEMOS D1 mini, ki temelji na mikrokontrolerju ESP8266. Pri razvoju smo uporabili programska jezika C++ in Java.The open-source Arduino Integrated Development Environment allows the programmer to not only upload programs to a micro controller with a wired Serial connection, but also over the network with the use of Over The Air programming, shortened to OTA. This protocol, however, does not support the sending of debug output from the micro controller to the Serial Console, because this functionality depends on a Serial connection that is lost when using OTA. The goal of this diploma paper was reroute debug output over Serial connection to debug output over network. We began by reviewing the source code and familiarized ourselves with the default process of sending the debug output over Serial connection and the workings of Arduino’s Serial Console. Afterwards we developed an Arduino library which reroutes debug output over the network and then we modified the Arduino IDE to allow said debug output over network to be shown in its modified Serial Console. This diploma paper includes the description of our library’s source code, its functionality, the description of our modifications to the Arduino Integrated Development Environment as well as a simple use case of our library. Our library was tested on WEMOS D1 mini development board, which is based around the ESP8266 micro controller. In the course of development C++ and Java programming languages were used
Tomoya Unoki - One of the best experts on this subject based on the ideXlab platform.
-
CLOUD - VM Migration for Secure Out-of-band Remote Management with Nested Virtualization
2020 IEEE 13th International Conference on Cloud Computing (CLOUD), 2020Co-Authors: Tomoya Unoki, Kenichi KouraiAbstract:Infrastructure-as-a-Service clouds provide out-of-band remote management of the systems in virtual machines (VMs). This management method enables users to manage their systems even on several types of failures inside VMs. In this method, users access virtual devices of their VMs, but virtual devices are not sufficiently protected against untrusted cloud operators. For secure out-of-band remote management, previous work securely runs shadow devices outside an untrusted virtualized system using nested virtualization. However, the states of shadow devices are lost during VM migration. In this paper, we propose USShadow for continuing secure out-of-band remote management after VM migration. USShadow enables the migration manager inside the virtualized system to transparently and securely save and restore the states of shadow devices outside it. We have implemented USShadow, which supports Xen and KVM as virtualized systems. Then, we confirmed that USShadow could continue virtual Serial Console and that the migration overhead was negligible.
-
ACSAC - Secure Out-of-band Remote Management of Virtual Machines with Transparent Passthrough
Proceedings of the 34th Annual Computer Security Applications Conference, 2018Co-Authors: Shota Futagami, Tomoya Unoki, Kenichi KouraiAbstract:Infrastructure-as-a-Service clouds provide out-of-band remote management for users to access their virtual machines (VMs). Out-of-band remote management is a method for indirectly accessing VMs via their virtual devices. While virtual devices running in the virtualized system are managed by cloud operators, not all cloud operators are always trusted in clouds. To prevent information leakage from virtual devices and tampering with their I/O data, several systems have been proposed by trusting the hypervisor in the virtualized system. However, they have various issues on security and management. This paper proposes VSBypass, which enables secure out-of-band remote management outside the virtualized system using a technique called transparent passthrough. VSBypass runs the entire virtualized system in an outer VM using nested virtualization. Then it intercepts I/O requests of out-of-band remote management and processes those requests in shadow devices, which run outside the virtualized system. We have implemented VSBypass in Xen for the virtual Serial Console and GUI remote access. We confirmed that information leakage was prevented and that the performance was comparable to that in traditional out-of-band remote management.
Henrik Sankala - One of the best experts on this subject based on the ideXlab platform.
-
Evaluation and implementation of system logging and remote Serial Console managenet
2003Co-Authors: Henrik SankalaAbstract:System logging is an important part of system administration when it comes to both problem solving and security. Remote Serial Console management makes administration of a large number of servers ...
David Van - One of the best experts on this subject based on the ideXlab platform.
-
Research and Development for Advanced Tele-maintenance Capability with Remote Serial Console Access and Proactive Monitoring of Medical Devices
2009Co-Authors: David VanAbstract:Abstract : The U.S. Army Medical Department has the urgent need of a remote diagnostic access (RDA) capability in support of the configuration, problem detection, and troubleshooting of medical equipment densities within the theatre of operations and in fixed medical facilities throughout the world. Currently, there is no telemaintenance capability for medical equipment. Through research efforts funded by U.S. Army Telemedicine and Advanced Technology Research Center (TATRC) and the US Army Medical Materiel Agency (USAMMA), the objective is to develop a comprehensive RDA in support of telemaintenance. The research concluded with a cost effective prototype device that enables biomedical technicians to perform secure remote diagnostics. The new RDA capability supports both in-band and out-of-band Console access allowing the technicians to effectively and efficiently perform secure remote diagnostic tasks. The key achievements of the research includes the engineering of the RDA prototype device that is agnostic to the brand, make, or model of the medical equipment; and a unique ability to support remote USB Smartcard, which remotely unlocks the diagnostic functions on the medical equipment. The new RDA capability improves the availability and resilience of the medical equipment, reduces costs associated with unscheduled repairs, and validates equipment performance measures, which in turn provides the physicians with the ability to deliver quality health care to their patients.
