Download now Free registration required
The authors question current trends that attempt to leverage virtualization techniques to achieve security goals. They suggest that the security role of a virtual machine centers on being a policy interpreter rather than a resource provider. These two roles (security reference monitor and resource emulator) are currently conflated within the context of virtual machines and VMMs. They believe that this "Double-duty" leads to both a significant performance impact as well as a bloated virtualization layer. Increased complexity reduces confidence that the code is elementary enough to verify or trust from a security perspective.
- Format: PDF
- Size: 186.73 KB