Trusted virtual domains on OpenSolaris: usable secure desktop environments

Authors:
Hans Löhr;Thomas Pöppelmann;Johannes Rave;Martin Steegmanns;Marcel Winandy
Affiliations:
Ruhr-University Bochum, Bochum, Germany;Ruhr-University Bochum, Bochum, Germany;Ruhr-University Bochum, Bochum, Germany;Ruhr-University Bochum, Bochum, Germany;Ruhr-University Bochum, Bochum, Germany
Venue:
Proceedings of the fifth ACM workshop on Scalable trusted computing
Year:
2010

Citing 9
Cited 2

On micro-kernel construction

SOSP '95 Proceedings of the fifteenth ACM symposium on Operating systems principles
Xen and the art of virtualization

SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Towards automated provisioning of secure virtualized networks

Proceedings of the 14th ACM conference on Computer and communications security
TVDc: managing security in the trusted virtual datacenter

ACM SIGOPS Operating Systems Review
Flexible and secure enterprise rights management based on trusted virtual domains

Proceedings of the 3rd ACM workshop on Scalable trusted computing
Towards automated security policy enforcement in multi-tenant virtual data centers

Journal of Computer Security - EU-Funded ICT Research on Trust and Security
Transparent mobile storage protection in trusted virtual domains

LISA'09 Proceedings of the 23rd conference on Large installation system administration
Trusted virtual domains: toward secure distributed services

HotDep'05 Proceedings of the First conference on Hot topics in system dependability
Trusted virtual domains – design, implementation and lessons learned

INTRUST'09 Proceedings of the First international conference on Trusted Systems

Trusted virtual containers on demand

Proceedings of the fifth ACM workshop on Scalable trusted computing
Trusted virtual domains on OKL4: secure information sharing on smartphones

Proceedings of the sixth ACM workshop on Scalable trusted computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

Trusted Virtual Domains (TVDs) are a security concept to create separated domains over virtual and physical platforms. Since most existing TVD implementations focus on servers and data centers, there are only few efforts on secure desktop environments. To fill this gap, we present in this paper an implementation of TVDs based on the OpenSolaris operating system. We leverage several of its existing features (e.g., lightweight virtualization, security labels and a secure graphical user interface) and extend OpenSolaris with components for automated management and policy enforcement to create a usable desktop implementation of TVDs. This includes the transparent encryption of external storage and home directories of users, restriction of copy-and-paste according to the TVD policy, efficient deployment of images for user environments, and a central management interface for the administration. Our system enables organizations to securely separate different work flows with sensitive data from each other and from untrusted environments.