{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,6]],"date-time":"2026-04-06T06:39:53Z","timestamp":1775457593388,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":47,"publisher":"ACM","license":[{"start":{"date-parts":[[2011,10,23]],"date-time":"2011-10-23T00:00:00Z","timestamp":1319328000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2011,10,23]]},"DOI":"10.1145\/2043556.2043575","type":"proceedings-article","created":{"date-parts":[[2011,10,25]],"date-time":"2011-10-25T12:23:06Z","timestamp":1319545386000},"page":"189-202","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":85,"title":["Breaking up is hard to do"],"prefix":"10.1145","author":[{"given":"Patrick","family":"Colp","sequence":"first","affiliation":[{"name":"University of British Columbia"}]},{"given":"Mihir","family":"Nanavati","sequence":"additional","affiliation":[{"name":"University of British Columbia"}]},{"given":"Jun","family":"Zhu","sequence":"additional","affiliation":[{"name":"Citrix Systems R&amp;D"}]},{"given":"William","family":"Aiello","sequence":"additional","affiliation":[{"name":"University of British Columbia"}]},{"given":"George","family":"Coker","sequence":"additional","affiliation":[{"name":"National Security Agency"}]},{"given":"Tim","family":"Deegan","sequence":"additional","affiliation":[{"name":"Citrix Systems R&amp;D"}]},{"given":"Peter","family":"Loscocco","sequence":"additional","affiliation":[{"name":"National Security Agency"}]},{"given":"Andrew","family":"Warfield","sequence":"additional","affiliation":[{"name":"University of British Columbia"}]}],"member":"320","published-online":{"date-parts":[[2011,10,23]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Dec.","author":"Department of Defense Trusted Computer System Evaluation Criteria. DoD 5200.28-STD. U. S.","year":"1985","unstructured":"Department of Defense Trusted Computer System Evaluation Criteria. DoD 5200.28-STD. U. S. Department of Defense , Dec. 1985 . Department of Defense Trusted Computer System Evaluation Criteria. DoD 5200.28-STD. U. S. Department of Defense, Dec. 1985."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/1629575.1629577"},{"key":"e_1_3_2_1_3_1","first-page":"31","volume-title":"Proc. USENIX Summer Conference","author":"Baker M.","year":"1992","unstructured":"M. Baker and M. Sullivan . The recovery box: Using fast recovery to provide high availability in the UNIX environment . In Proc. USENIX Summer Conference , pages 31 -- 43 , June 1992 . M. Baker and M. Sullivan. The recovery box: Using fast recovery to provide high availability in the UNIX environment. In Proc. USENIX Summer Conference, pages 31--43, June 1992."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/945445.945462"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2007.443"},{"key":"e_1_3_2_1_6_1","first-page":"41","volume-title":"Proc. USENIX ATC","author":"Bellard F.","year":"2005","unstructured":"F. Bellard . QEMU, a fast and portable dynamic translator . In Proc. USENIX ATC , pages 41 -- 46 , Apr. 2005 . F. Bellard. QEMU, a fast and portable dynamic translator. In Proc. USENIX ATC, pages 41--46, Apr. 2005."},{"key":"e_1_3_2_1_7_1","first-page":"309","volume-title":"Proc. 5th USENIX NSDI","author":"Bittau A.","year":"2008","unstructured":"A. Bittau , P. Marchenko , M. Handley , and B. Karp . Wedge: splitting applications into reduced-privilege compartments . In Proc. 5th USENIX NSDI , pages 309 -- 322 , Apr. 2008 . A. Bittau, P. Marchenko, M. Handley, and B. Karp. Wedge: splitting applications into reduced-privilege compartments. In Proc. 5th USENIX NSDI, pages 309--322, Apr. 2008."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/224056.224058"},{"key":"e_1_3_2_1_9_1","first-page":"57","volume-title":"Proc. 13th USENIX Security Symposium","author":"Brumley D.","year":"2004","unstructured":"D. Brumley and D. Song . Privtrans: automatically partitioning programs for privilege separation . In Proc. 13th USENIX Security Symposium , pages 57 -- 72 , Aug. 2004 . D. Brumley and D. Song. Privtrans: automatically partitioning programs for privilege separation. In Proc. 13th USENIX Security Symposium, pages 57--72, Aug. 2004."},{"key":"e_1_3_2_1_10_1","first-page":"31","volume-title":"Proc. 6th USENIX OSDI","author":"Candea G.","year":"2004","unstructured":"G. Candea , S. Kawamoto , Y. Fujiki , G. Friedman , and A. Fox . Microreboot --- a technique for cheap recovery . In Proc. 6th USENIX OSDI , pages 31 -- 44 , Dec. 2004 . G. Candea, S. Kawamoto, Y. Fujiki, G. Friedman, and A. Fox. Microreboot --- a technique for cheap recovery. In Proc. 6th USENIX OSDI, pages 31--44, Dec. 2004."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/1346281.1346284"},{"key":"e_1_3_2_1_12_1","unstructured":"Citrix Systems Inc. Citrix XenServer 5.6 Admininistrator's Guide. June 2010.  Citrix Systems Inc. Citrix XenServer 5.6 Admininistrator's Guide . June 2010."},{"key":"e_1_3_2_1_13_1","first-page":"273","volume-title":"Proc. 2nd USENIX NSDI","author":"Clark C.","year":"2005","unstructured":"C. Clark , K. Fraser , S. Hand , J. G. Hansen , E. Jul , C. Limpach , I. Pratt , and A. Warfield . Live migration of virtual machines . In Proc. 2nd USENIX NSDI , pages 273 -- 286 , May 2005 . C. Clark, K. Fraser, S. Hand, J. G. Hansen, E. Jul, C. Limpach, I. Pratt, and A. Warfield. Live migration of virtual machines. In Proc. 2nd USENIX NSDI, pages 273--286, May 2005."},{"key":"e_1_3_2_1_14_1","unstructured":"P. Colp. {xen-devel} {announce} xen ocaml tools. http:\/\/lists.xensource.com\/archives\/html\/xen-devel\/2009-02\/msg00229.html.  P. Colp. {xen-devel} {announce} xen ocaml tools. http:\/\/lists.xensource.com\/archives\/html\/xen-devel\/2009-02\/msg00229.html."},{"key":"e_1_3_2_1_15_1","first-page":"161","volume-title":"Proc. 5th USENIX NSDI","author":"Cully B.","year":"2008","unstructured":"B. Cully , G. Lefebvre , D. Meyer , M. Feeley , N. Hutchinson , and A. Warfield . Remus: high availability via asynchronous virtual machine replication . In Proc. 5th USENIX NSDI , pages 161 -- 174 , Apr. 2008 . B. Cully, G. Lefebvre, D. Meyer, M. Feeley, N. Hutchinson, and A. Warfield. Remus: high availability via asynchronous virtual machine replication. In Proc. 5th USENIX NSDI, pages 161--174, Apr. 2008."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455779"},{"key":"e_1_3_2_1_17_1","volume-title":"Proc. 1st OASIS","author":"Fraser K.","year":"2004","unstructured":"K. Fraser , S. Hand , R. Neugebauer , I. Pratt , A. Warfield , and M. Williamson . Safe hardware access with the Xen virtual machine monitor . In Proc. 1st OASIS , Oct. 2004 . K. Fraser, S. Hand, R. Neugebauer, I. Pratt, A. Warfield, and M. Williamson. Safe hardware access with the Xen virtual machine monitor. In Proc. 1st OASIS, Oct. 2004."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/1095810.1095826"},{"key":"e_1_3_2_1_19_1","first-page":"85","volume-title":"Proc. 8th Usenix OSDI","author":"Gupta D.","year":"2008","unstructured":"D. Gupta , S. Lee , M. Vrable , S. Savage , A. C. Snoeren , G. Varghese , G. M. Voelker , and A. Vahdat . Difference engine: harnessing memory redundancy in virtual machines . In Proc. 8th Usenix OSDI , pages 85 -- 93 , Oct. 2008 . D. Gupta, S. Lee, M. Vrable, S. Savage, A. C. Snoeren, G. Varghese, G. M. Voelker, and A. Vahdat. Difference engine: harnessing memory redundancy in virtual machines. In Proc. 8th Usenix OSDI, pages 85--93, Oct. 2008."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/858336.858337"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/1133572.1133615"},{"key":"e_1_3_2_1_22_1","volume-title":"Microsoft Virtualization with Hyper-V","author":"Kappel K.","year":"2010","unstructured":"K. Kappel , A. Velte , and T. Velte . Microsoft Virtualization with Hyper-V . McGraw-Hill , 1 st edition, 2010 . K. Kappel, A. Velte, and T. Velte. Microsoft Virtualization with Hyper-V. McGraw-Hill, 1st edition, 2010.","edition":"1"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/1815961.1816010"},{"key":"e_1_3_2_1_24_1","first-page":"273","volume-title":"Proc. USENIX ATC","author":"Kilpatrick D.","year":"2003","unstructured":"D. Kilpatrick . Privman : A library for partitioning applications . In Proc. USENIX ATC , pages 273 -- 284 , June 2003 . D. Kilpatrick. Privman: A library for partitioning applications. In Proc. USENIX ATC, pages 273--284, June 2003."},{"key":"e_1_3_2_1_25_1","first-page":"225","volume-title":"Proc. Linux Symposium","author":"Kivity A.","year":"2007","unstructured":"A. Kivity , Y. Kamay , D. Laor , U. Lublin , and A. Liguori . kvm: the Linux virtual machine monitor . In Proc. Linux Symposium , pages 225 -- 230 , July 2007 . A. Kivity, Y. Kamay, D. Laor, U. Lublin, and A. Liguori. kvm: the Linux virtual machine monitor. In Proc. Linux Symposium, pages 225--230, July 2007."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/1629575.1629596"},{"key":"e_1_3_2_1_27_1","first-page":"263","volume-title":"Proc. Linux Symposium","author":"Kroah-Hartman G.","year":"2003","unstructured":"G. Kroah-Hartman . udev : A userspace implementation of devfs . In Proc. Linux Symposium , pages 263 -- 271 , July 2003 . G. Kroah-Hartman. udev: A userspace implementation of devfs. In Proc. Linux Symposium, pages 263--271, July 2003."},{"key":"e_1_3_2_1_28_1","volume-title":"An introduction to SR-IOV technology. Application note 321211-002","author":"Kutch P.","year":"2011","unstructured":"P. Kutch . PCI-SIG SR-IOV primer : An introduction to SR-IOV technology. Application note 321211-002 , Intel Corporation , Jan. 2011 . P. Kutch. PCI-SIG SR-IOV primer: An introduction to SR-IOV technology. Application note 321211-002, Intel Corporation, Jan. 2011."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/1952682.1952692"},{"key":"e_1_3_2_1_30_1","first-page":"243","volume-title":"Proc. 17th USENIX Security Symposium","author":"Litty L.","year":"2008","unstructured":"L. Litty , H. A. Lagar-Cavilla , and D. Lie . Hypervisor support for identifying covertly executing binaries . In Proc. 17th USENIX Security Symposium , pages 243 -- 258 , July 2008 . L. Litty, H. A. Lagar-Cavilla, and D. Lie. Hypervisor support for identifying covertly executing binaries. In Proc. 17th USENIX Security Symposium, pages 243--258, July 2008."},{"key":"e_1_3_2_1_31_1","first-page":"29","volume-title":"Proc. USENIX ATC","author":"Loscocco P.","year":"2001","unstructured":"P. Loscocco and S. Smalley . Integrating flexible support for security policies into the Linux operating system . In Proc. USENIX ATC , pages 29 -- 42 , June 2001 . P. Loscocco and S. Smalley. Integrating flexible support for security policies into the Linux operating system. In Proc. USENIX ATC, pages 29--42, June 2001."},{"key":"e_1_3_2_1_32_1","first-page":"1","volume-title":"Proc. USENIX ATC","author":"Milos G.","year":"2009","unstructured":"G. Milos , D. G. Murray , S. Hand , and M. A. Fetterman . Satori: Enlightened page sharing . In Proc. USENIX ATC , pages 1 -- 14 , June 2009 . G. Milos, D. G. Murray, S. Hand, and M. A. Fetterman. Satori: Enlightened page sharing. In Proc. USENIX ATC, pages 1--14, June 2009."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/1346256.1346278"},{"key":"e_1_3_2_1_34_1","first-page":"231","volume-title":"Proc. 12th USENIX Security Symposium","author":"Provos N.","year":"2003","unstructured":"N. Provos , M. Friedl , and P. Honeyman . Preventing privilege escalation . In Proc. 12th USENIX Security Symposium , pages 231 -- 242 , Aug. 2003 . N. Provos, M. Friedl, and P. Honeyman. Preventing privilege escalation. In Proc. 12th USENIX Security Symposium, pages 231--242, Aug. 2003."},{"key":"e_1_3_2_1_35_1","volume-title":"Qubes OS Architecture. Version 0.3","author":"Rutkowska J.","year":"2010","unstructured":"J. Rutkowska and R. Wojtczuk . Qubes OS Architecture. Version 0.3 . Jan. 2010 . http:\/\/qubes-os.org\/. J. Rutkowska and R. Wojtczuk. Qubes OS Architecture. Version 0.3. Jan. 2010. http:\/\/qubes-os.org\/."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSAC.2005.13"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/1863543.1863557"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/1294261.1294294"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/319151.319163"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/1508293.1508311"},{"key":"e_1_3_2_1_41_1","first-page":"123","volume-title":"Proc. 8th USENIX Security Symposium","author":"Spencer R.","year":"1999","unstructured":"R. Spencer , S. Smalley , P. Loscocco , M. Hibler , D. Andersen , and J. Lepreau . The Flask security architecture: System support for diverse security policies . In Proc. 8th USENIX Security Symposium , pages 123 -- 139 , Aug. 1999 . R. Spencer, S. Smalley, P. Loscocco, M. Hibler, D. Andersen, and J. Lepreau. The Flask security architecture: System support for diverse security policies. In Proc. 8th USENIX Security Symposium, pages 123--139, Aug. 1999."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/1755913.1755935"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2006.156"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/1435452.1435454"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/1807167.1807194"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653728"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/1133572.1133603"}],"event":{"name":"SOSP '11: ACM SIGOPS 23nd Symposium on Operating Systems Principles","location":"Cascais Portugal","acronym":"SOSP '11","sponsor":["INESC Systems and Computer Engineering Institute","SIGOPS ACM Special Interest Group on Operating Systems"]},"container-title":["Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2043556.2043575","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2043556.2043575","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T09:54:18Z","timestamp":1750240458000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2043556.2043575"}},"subtitle":["security and functionality in a commodity hypervisor"],"short-title":[],"issued":{"date-parts":[[2011,10,23]]},"references-count":47,"alternative-id":["10.1145\/2043556.2043575","10.1145\/2043556"],"URL":"https:\/\/doi.org\/10.1145\/2043556.2043575","relation":{},"subject":[],"published":{"date-parts":[[2011,10,23]]},"assertion":[{"value":"2011-10-23","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}