D.W. Bonin scite author profile

Abstract-This paper describes the development of a virtualmachine monitor (VMM) security kernel for the VAX architecture. The paper particularly focuses on how the system's hardware, microcode, and software are aimed at meeting Al-level security requirements while maintaining the standard interfaces and applications of the VMS and ULTRIX-32 operating systems. The VAX Security Kernel supports multiple concurrent virtual machines on a single VAX system, providing isolation and controlled sharing of sensitive data. Rigorous engineering standards were applied during development to comply with the assurance requirements for verification and configuration management. The VAX Security Kernel has been developed with a heavy emphasis on performance and system management tools. The kernel performs sufficiently well that much of its development was carried out in virtual machines running on the kernel itself, rather than in a conventional time-sharing system. Index Terms -Computer security, virtual machines, covert channels, mandatory security, discretionary security, layered design, security kernels, protection rings.

show abstract

A VMM security kernel for the VAX architecture

Karger

Zurko

Bonin

et al. 1990

View full text Add to dashboard Cite

This paper describes the development of a virtual-machine monitor (VMM) security kernel for the VAX architecture. The paper particularly focuses on how the system's hardware, microcode, and software are aimed at meeting Aleffort has bccn primarily aimcd at identifying the differences and their cost in development effort and in kernel complexity.This paper dcscribes how the VAX security kcrncl meets its five InajOr goals:* Mcet all AI security rcquircments.levcl security requirements while maintaining the standard interfaces and applications of the VMS and ULTRIX-32 operating systems. The VAX security kcrncl supports multiple Run on commercial hardware without special modifications other than microcode changcs for virtualization.concurrent virtual machines on a single VAX system, providing isolation and controlled sharing of sensitive data. Rigorous engincering standards were applied during devclopmcnt to comply with the assurance requirements for verification and configuration management. The VAX security kcrncl has been dcveloped with a heavy emphasis on performance and on system managemcnt tools. The kcrnel pcrforms sufficicntly well that all of its development is now carricd out in virtual machines running on the kcrnel itself, rather than in a conventional time-sharing system.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

D.W. Bonin

A retrospective on the VAX VMM security kernel

A VMM security kernel for the VAX architecture

Contact Info

Product

Resources

About