Computer Science Colloquium, 2006-2007

Tal Garfinkel
June 6
, 2007

Title: VMM Based Approaches to Enhancing Security in Commodity Systems

Abstract:
Commodity operating systems are being used in a wider range of application domains, and subjected to a wider variety of threats, than ever before. Unfortunately, these systems are so complex, feature rich, and rapidly evolving that even given the heroic efforts in recent years to enhance their security via. changes to both architecture and development process, they still fall far short of the level of assurance required for our most demanding applications, in enterprise, home, and government.

Virtual machine technology provides a promising evolutionary path to enhancing security. I will give an overview of virtualization technology, and discuss several recent projects on enhancing the assurance of intrustion detection systems, individual applications, and entire systems -- without breaking compatibility with existing operating systems.

 


Benny Pinkas