Separation kernels are the strongest known form of separation for virtual machines. We agree with NSA's Information Assurance Directorate that while separation kernels are stronger than any other alternative, their construction on modern commodity hardware is no longer justifiable. This is because of orthogonal feature creep in modern platform hardware. We introduce the separation VMM as a response to this situation and explain how we prototyped one.