External monitoring of endpoint configuration compliance
CSIIRW '09: Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies(2009)
摘要
We describe a system for externally monitoring endpoint configuration compliance of an end user system that provides a high assurance monitoring function and data. Typical approaches to monitoring for endpoint configuration compliance rely on the integrity of the endpoint's operating system and do not protect the monitoring function from subversion or spoofing by threats from within the monitored system. Our approach utilizes (1) a virtual machine architecture on the endpoint system to protect the monitoring function and (2) virtual machine introspection of the end user's environment. In this paper we describe our approach to external monitoring of endpoint configuration compliance, present the technical details of our monitoring system, and discuss some of the issues associated with external monitoring.
更多查看译文
关键词
endpoint system,high assurance monitoring function,operating system,monitoring system,externally monitoring endpoint configuration,monitored system,endpoint configuration compliance,end user system,monitoring function,external monitoring,virtualization,security,virtual machine,trusted computing
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要