> I came across this article and was wondering if anyone had any additonal
> information:
> Xen Developers Focus on Security
> Enhanced virtual desktop could protect remote consumer transactions.
> http://www.pcworld.com/news/article/0,aid,121624,00.asp
Lightning overview:
* The XenSE project is *not* there to patch security issues, etc. It''s
aim is
to add a Mandatory Access Control Framework to Xen itself.
* Security policies will be set by a user tool but then enforced by Xen.
Because Xen has a very small codebase, it can be audited thoroughly to
achieve high assurance that the policy is correctly enforced. This is
required for high level security accreditation (eg. EAL).
* will enable policies such as:
- Chinese Wall : don''t allow domains from two different groups to run
on the
same machine. You might use this if you are renting domains to competing
companies.
- Type enforcement : only allow communication (eg. event channels, shared
memory) between domains with the same "type". Type could be
"owner" or it
could be "security level" (eg. "top secret" may only talk to
"top secret"
etc)
- etc.
* As part of the system, we aim to break down "dom0" into multiple
smaller
functional units. This allows us to reduce the Trusted Computing Base, again
allowing easier audit.
The end result should be a virtual machine system that splits its functions up
between multiple virtual machines with restricted privileges. As a whole
this should achieve an (even) higher assurance level than is possible for
(eg) monolithic SELinux. As a bonus, it should have higher resilience to
driver failures, etc.
Initial code for MAC has been contributed by IBM and is in the unstable tree
now. The project will be ongoing for some time - more or less "full"
XenSE
support is planned for 4.0.
There''s a XenSE mailing list, if you''re interested. Not much
happening on it
right now, though.
HTH,
Mark
_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users