Tal Garfinkel
June 6, 2007
Title: VMM Based Approaches to Enhancing Security in Commodity Systems
Abstract:
Commodity operating systems are being used in a wider range of application
domains, and subjected to a wider variety of threats, than ever before.
Unfortunately, these systems are so complex, feature rich, and rapidly evolving
that even given the heroic efforts in recent years to enhance their security
via. changes to both architecture and development process, they still fall far
short of the level of assurance required for our most demanding applications, in
enterprise, home, and government.
Virtual machine technology provides a promising evolutionary path to enhancing security. I will give an overview of virtualization technology, and discuss several recent projects on enhancing the assurance of intrustion detection systems, individual applications, and entire systems -- without breaking compatibility with existing operating systems.