Separation virtual machine monitors

@inproceedings{McDermott2012SeparationVM,
  title={Separation virtual machine monitors},
  author={John P. McDermott and Bruce E. Montrose and Margery Li and James Kirby and Myong H. Kang},
  booktitle={ACSAC},
  year={2012}
}

John P. McDermott, Bruce E. Montrose, +2 authors Myong H. Kang
Published 2012 in ACSAC
DOI:10.1145/2420950.2421011

Separation kernels are the strongest known form of separation for virtual machines. We agree with NSA's Information Assurance Directorate that while separation kernels are stronger than any other alternative, their construction on modern commodity hardware is no longer justifiable. This is because of orthogonal feature creep in modern platform hardware. We… CONTINUE READING

4 Figures & Tables

Topics

Instruction creep

Cited By

A survey on formal specification and verification of separation kernels

Yongwang Zhao, Zhibin Yang, Dianfu Ma
Frontiers of Computer Science
2016

The open source, formally-proven seL4 microkernel: Considerations for use in avionics

Steven H. VanderLeest
2016 IEEE/AIAA 35th Digital Avionics Systems…
2016

Formal Specification and Verification of Separation Kernels: An Overview

Yongwang Zhao
ArXiv
2015

MPSoC hypervisor: The safe & secure future of avionics

Steven H. VanderLeest, Dagan White
2015 IEEE/AIAA 34th Digital Avionics Systems…
2015

Re-thinking Kernelized MLS Database Architectures in the Context of Cloud-Scale Data Stores

Thuy D. Nguyen, Mark A. Gondree, Jean Khosalim, Cynthia E. Irvine
ESSoS
2015

Analysis of Monolithic and Microkernel Architectures: Towards Secure Hypervisor Design

Jordan Shropshire
2014 47th Hawaii International Conference on…
2014

A safe & secure arinc 653 hypervisor

Steven H. VanderLeest, David Greve, Paul Skentzos
2013 IEEE/AIAA 32nd Digital Avionics Systems…
2013

Formal verification of information flow security for a simple arm-based separation kernel

Mads Dam, Roberto Guanciale, Narges Khakpour, Hamed Nemati, Oliver Schwarz
ACM Conference on Computer and Communications…
2013

In Guards We Trust: Security and Privacy in Operating Systems Revisited

Michael Hanspach, Jörg Keller
2013 International Conference on Social Computing
2013

XEBHRA: a virtualized platform for cross domain information sharing

Charles N. Payne, Jason Sonnek, Steven A. Harp
CSIIRW
2013

References

Showing 1-6 of 6 references

Scalable Parametric Verification of Secure Systems: How to Verify Reference Monitors without Worrying about Data Structure Size

Jason Franklin, Sagar Chaki, Anupam Datta, Arvind Seshadri
2010 IEEE Symposium on Security and Privacy
2010

Eliminating the hypervisor attack surface for a more secure cloud

Jakub Szefer, Eric Keller, Ruby B. Lee, Jennifer Rexford
ACM Conference on Computer and Communications…
2011

NOVA: a microhypervisor-based secure virtualization architecture

BitVisor: a thin hypervisor for enforcing i/o device security

Takahiro Shinagawa, Hideki Eiraku, +11 authors Kazuhiko Kato
VEE
2009

The Flask Security Architecture: System Support for Diverse Security Policies

Ray Spencer, Stephen Smalley, Peter Loscocco, Mike Hibler, David G. Andersen, Jay Lepreau
USENIX Security Symposium
1999

Building a MAC-based security architecture for the Xen open-source hypervisor

Reiner Sailer, Trent Jaeger, +5 authors Leendert van Doorn
21st Annual Computer Security Applications…
2005

Presentations referencing similar topics
- Contradiction of Separation through Virtualization and Inter Virtual Machine Communication in Automotive Scenarios
  Tobias Holstein + 1 • Jan 07, 2016
- A virtualized separation kernel for mixed criticality systems
  Ye Li + 2 • Mar 27, 2015
- Bpf – In-kernel Virtual Machine
  Jul 06, 2015
- Show More