Sciweavers

CCS
2008
ACM

Flexible security configuration for virtual machines

14 years 2 months ago
Flexible security configuration for virtual machines
Virtual machines are widely accepted as a promising basis for building secure systems. However, while virtual machines offer effective mechanisms to create isolated environments, mechanisms that offer controlled interaction among VMs are immature. Some VM systems include flexible policy models and some enable MLS enforcement, but the flexible use of policy to control VM interactions has not been developed. In this paper, we propose an architecture that enables administrators to configure virtual machines to satisfy prescribed security goals. We describe the design and implementation of such an architecture using SELinux, Xen and IPsec as the tools to express and enforce policies at the OS, VM and Network layers, respectively. We develop a web application using our architecture and show that we can configure application VMs in such a way that we can verify the enforcement of the security goals of those applications. Categories and Subject Descriptors D.4.6 [Operating Systems]: Security...
Sandra Rueda, Yogesh Sreenivasan, Trent Jaeger
Added 12 Oct 2010
Updated 12 Oct 2010
Type Conference
Year 2008
Where CCS
Authors Sandra Rueda, Yogesh Sreenivasan, Trent Jaeger
Comments (0)