Virtual Security

Aug. 4, 2005
Security is a key feature for most virtual-memory OSs. Given sufficient hardware controls, an OS lets an application perform any operation it likes. The OS will trap any operation that's restricted and either execute an appropriate, usually comparable a

Security is a key feature for most virtual-memory OSs. Given sufficient hardware controls, an OS lets an application perform any operation it likes. The OS will trap any operation that's restricted and either execute an appropriate, usually comparable action or notify the powers that be of the security infraction.

Common Criteria Evaluation Assurance Levels (EALs) number 1 (lowest) through 7 (highest). The U.S. government and other organizations use them to specify a system's level of proven security. The "proven" part is where the difficulty comes in. As systems grow in size and complexity, so does the difficulty in proving an EAL above 1.

With system virtualization, proving a system's vulnerability to security breaches becomes significantly easier, assuming the virtualization support can be proven secure. This usually isn't difficult because of the hypervisor's small size.

It's then possible to group OSs and applications by their security requirements. Proving that this system meets the design's security requirements may still be a big job on a large system. But additions to the system are now much easier, because only the subsystem where the new addition is placed needs confirmation.

Virtualization also makes policy-based security easier to implement for the same reason. A system manager can set up a new virtual space for a user or customer that's isolated from other OSs and applications. Likewise, it's now much easier to change while the system is running.

Sponsored Recommendations

Board-Mount DC/DC Converters in Medical Applications

March 27, 2024
AC/DC or board-mount DC/DC converters provide power for medical devices. This article explains why isolation might be needed and which safety standards apply.

Use Rugged Multiband Antennas to Solve the Mobile Connectivity Challenge

March 27, 2024
Selecting and using antennas for mobile applications requires attention to electrical, mechanical, and environmental characteristics: TE modules can help.

Out-of-the-box Cellular and Wi-Fi connectivity with AWS IoT ExpressLink

March 27, 2024
This demo shows how to enroll LTE-M and Wi-Fi evaluation boards with AWS IoT Core, set up a Connected Health Solution as well as AWS AT commands and AWS IoT ExpressLink security...

How to Quickly Leverage Bluetooth AoA and AoD for Indoor Logistics Tracking

March 27, 2024
Real-time asset tracking is an important aspect of Industry 4.0. Various technologies are available for deploying Real-Time Location.

Comments

To join the conversation, and become an exclusive member of Electronic Design, create an account today!