A security retrofit of VM/370

Gold, B. D.; Linde, R. R.; Peeler, R. J.; Schaefer, Marvin; Scheid, J. F.; Ward, Patrick

doi:10.1109/mark.1979.8817181

Cited by 24 publications

(2 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It was found that this led to systems that by and large were extremely inefficient, for diminishing returns in simplicity. Reported experience with these systems, especially those to kernelize the already svelte VM370 [17] in the form of KVM370 [31,51], led us to believe that the VMM represents a least common denominator for virtualization, simplification beyond which yields little additional benefit [30].…”

Section: Related Workmentioning

confidence: 99%

Terra

Garfinkel

Pfaff

Chow

et al. 2003

Proceedings of the Nineteenth ACM Symposium on Operating Systems Principles

393

View full text Add to dashboard Cite

We present a flexible architecture for trusted computing, called Terra, that allows applications with a wide range of security requirements to run simultaneously on commodity hardware. Applications on Terra enjoy the semantics of running on a separate, dedicated, tamper-resistant hardware platform, while retaining the ability to run side-by-side with normal applications on a generalpurpose computing platform. Terra achieves this synthesis by use of a trusted virtual machine monitor (TVMM) that partitions a tamper-resistant hardware platform into multiple, isolated virtual machines (VM), providing the appearance of multiple boxes on a single, general-purpose platform. To each VM, the TVMM provides the semantics of either an "open box," i.e. a general-purpose hardware platform like today's PCs and workstations, or a "closed box," an opaque special-purpose platform that protects the privacy and integrity of its contents like today's game consoles and cellular phones. The software stack in each VM can be tailored from the hardware interface up to meet the security requirements of its application(s). The hardware and TVMM can act as a trusted party to allow closed-box VMs to cryptographically identify the software they run, i.e. what is in the box, to remote parties. We explore the strengths and limitations of this architecture by describing our prototype implementation and several applications that we developed for it.

show abstract

Section: Related Workmentioning

confidence: 99%

Terra

Garfinkel

Pfaff

Chow

et al. 2003

Proceedings of the Nineteenth ACM Symposium on Operating Systems Principles

393

View full text Add to dashboard Cite

show abstract

“…Communications control, Security, or Interprocess control) Security kernels ( Ames, 1983) evolved from the concept of a monitor that checks privileges and system status variables before permitting access to processes. Several kernels have been developed over the last decade including a kernelized V1L'370 ( Gold, 1979), Kernelized Secure Operating System ( KSOS) (Berson, 1979 andMcCauley andDrongowski, 1979), a kernel by the MITRE Corporation for a DEC PDP 11/45 and one called UCLA data secure UNIX other, 1979 andWalker, 1980). These and other security kernel implementations and designs are outlined in Table 4.2(a) and Table 4.2(b) ( an adaptation of one given by Landwehr ( 1983)).…”

Section: Verifiable Implementation Approachesmentioning

confidence: 99%

Local Area Network Security

Berson¹,

Beth²

1989

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

Computer Security

Kemmerer

2002

Encyclopedia of Software Engineering

View full text Add to dashboard Cite

Computer security is an area that is growing in importance as more business applications are being automated and more vital and sensitive information is being stored in computers. Almost daily one can read newspaper accounts of computer abuse. Stealing information from a computer is just like stealing goods from a warehouse, for information is a commodity. The primary difference is that the loss of information often goes unnoticed. The term computer security means the protection of resources (including data and programs) from unauthorized disclosure, modification, or destruction. In addition, the system resources must also be protected (i.e., access to system services should not be denied). These computer security properties are usually referred to as confidentiality , integrity , and availability . More precisely: Confidentiality ensures that sensitive information is not disclosed to unauthorized recipients. Integrity ensures that data and programs are modified or destroyed only in a specified and authorized manner. Availability ensures that the resources of the system will be usable whenever they are needed by an authorized user. The degree to which each of these three properties is needed varies from application to application and are discussed.

show abstract

A security retrofit of VM/370

Cited by 24 publications

References 6 publications

Terra

Terra

Local Area Network Security

Computer Security

Contact Info

Product

Resources

About