Network Virtual Memory-Secure
NVM-S encrypted tables protect the memory of the guest VMs from malicious external attacks using complex CPU based encryption and attestation of the memory pointers within a trusted compute block. Exploits require access to memory, instructions and write access to storage. NVM-S will not allow external non-attested access without a key pair to the compute infrastructure.
The NVM-S architecture, which provides protections to guest VMs, run’s as a SHIM driver that transparently redirects the memory operations to the NVM-S attestation and encryption engine. The SHIM driver is a small library that transparently intercepts the CPU memory calls and redirects the operation.
Traditional VM’s have memory management functionalities, which they use to access the physical memory on the server hosting the VM’s. Hypervisors abstract the underlying hardware and present it as a shared virtual resource to VM’s via a VMM or Virtual Machine Manager. If the VM is compromised, the management functions can be abused to violate the confidentiality and integrity of the guest VM’s, the VMM, and the hardware itself. NVM-S protects guest VMs from malicious attacks from external sources. External sources are code that attacks the VM and its underlying hypervisor with a complex array of system level calls.
NVM-S’ key feature is the integrity and encryption (IE) of memory and instructions that are used to access the physical hardware via industry standard hypervisors. NVM-S IE tables are attested into the trusted compute pool and are only accessible by the VM, thereby protecting and encrypting all access to VM memory. To protect IE tables, NVM-S allocates physical memory regions and ensures that only VMs can access the IE tables in the allocated physical memory regions. By this process, NVM-S ensures that the hypervisor or other direct memory access (DMA) cannot access the NVM-S IE tables in the protected memory regions.