[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xense-devel] Xen/sHype Access Control

  • To: <xense-devel@xxxxxxxxxxxxxxxxxxx>
  • From: "Myong H. Kang" <mkang@xxxxxxxxxxxxxxxx>
  • Date: Thu, 19 Jan 2006 17:19:44 -0500
  • Delivery-date: Thu, 19 Jan 2006 22:28:41 +0000
  • Importance: Normal
  • List-id: "A discussion list for those developing security enhancements for Xen." <xense-devel.lists.xensource.com>
Xen 3.0/sHype provides a way to control access between domains. Simple types
can be associated with a domain that can be the basis for enforcing an
access control policy.

Controlling access to physical devices is another important area because
many of covert channels stem from sharing resources (physical devices in
this case). Also such mechanism may provide an opportunity to simplify
assurance arguments. For example, if we create a mechanism to associate
simple types to a physical device, sHype ACM can enforce an access control
policy.

I would like to hear your comments on the above idea and the feasibility of
implementing the idea.

Myong  




_______________________________________________
Xense-devel mailing list
Xense-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xense-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.