Multipersona Hypovisors: Securing Mobile Devices through High-Performance Light-Weight Subsystem Isolation

Abstract

We propose and detail a system called multipersona Hypovisors for providing light-weight isolation for enhancing security on Multipersona mobile devices, particularly with respect to the current memory constraints of these devices. Multipersona Hypovisors leverage Linux kernel cGroups and namespaces to establish independent process container, al-lowing isolation of the Multipersona process tree from other simultaneous instances of Multipersona and the hypovisor which is an underlying Angstrom-based embedded Linux distributions designed to add additional security to the system. The system incorporates a wide range of data integrity tools in the embedded hypovisor, and an SE Linux-enabled kernel for mandatory access control and integrity tools for transparent auditing of running Multipersona instances. A prototype is presented which uses integrity tools external to the Multipersona container to audit it for malicious activity, and also has the ability to support a multipersona environment with multiple encrypted personas existing individually or simultaneously on the device. Two versions are demonstrated, one which allows cold-swapping of personas for high-assurance scenarios and also one that supports hot-swapping. Analysis shows that the hypovisor has a 40-50 MB impact on the overall memory footprint for the system.