Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Xen: Research
Security through Isolation in Xen
 

Index | Next | Previous | View Flat


guillermo.e.colsani at intel

Dec 12, 2008, 5:06 AM


Views: 497
Permalink
Security through Isolation in Xen

Hi all,

Together with some other coworkers we have been working on a reference implementation of the security through isolation concept using virtualization. This project is using Xen to provide a contained virtualized environment where malware can run without affecting the whole system.
The goal for this project is to foster the usage of virtualization technology in client platforms (desktops and notebooks) using security as a usage driver. This reference implementation provides certain capabilities which serve as a starting point for the long term goal; some of them are:
- To manage paused Sandbox Virtual Machines ready to be awaken instantaneously to execute suspicious applications
- To destroy and re-open the Sandbox Virtual Machines once the contained suspicious application was closed

Especially, we think that the module which manages the Ready-to-be-executed Sandbox VMs (VM-Pool at Domain 0) may be suitable for other purposes such as high availability of virtual appliances, short-delay responses for highly loaded services, among others; so we'd like to hear from any suggestion on how to adapt it to meet new needs.
We invite you to try the current version of the project Isolated Execution. You can find the code and the documentation about how to compile and install it at Source Forge: http://isolated-exec.sourceforge.net<http://isolated-exec.sourceforge.net/>. Also, at http://isolated-exec.sourceforge.net/?q=node/6, you can find a flash description of what the "early-product" does.

We'd appreciate to receive feedback from the community about the overall concept, and whether you'd like to go deep on any aspect of it. Given that this is a reference implementation and is not complete, we think that the Xen Research Community is the right group to enrich the design and evolve the model. We invite you to post comments/suggestions at http://isolated-exec.sourceforge.net/?q=node/4.

Thanks and see you there!
Guillermo

Subject User Time
Security through Isolation in Xen guillermo.e.colsani at intel Dec 12, 2008, 5:06 AM
    RE: Security through Isolation in Xen pablo.r.passera at intel Jan 21, 2009, 5:19 AM

  Index | Next | Previous | View Flat
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.