[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

http://sourceforge.net/mailarchive/forum.php?thread_id=6364737&forum_id=35600

To: SE-Linux <selinux@xxxxxxxxxxxxx>
Subject: http://sourceforge.net/mailarchive/forum.php?thread_id=6364737&forum_id=35600
From: Luke Kenneth Casson Leighton <lkcl@xxxxxxxx>
Date: Wed, 29 Jun 2005 01:00:09 +0100
Mail-followup-to: SE-Linux <selinux@xxxxxxxxxxxxx>
Sender: owner-selinux@xxxxxxxxxxxxx
User-agent: Mutt/1.5.5.1+cvs20040105i

of interest to some mad people somewhere: ibm research's "sHype"
hypervisor security architecture.

annoyingly, it is "modelled" on flask [i say annoyingly because
they "modelled" sHype on selinux instead of incorporating
support for selinux into sHype and xen]

over the next year (starting jan 2005) they plan to do the following:

* Port sHype to Xen 

* Add stronger security/isolation guarantees (confinement)
  to what is currently available through Xen"s (and other
  hypervisors") address space separation mechanisms, e.g.,
  to enable information flow control in Xen

*  Enhance Xen to support trusted computing under Linux using
  TCG/TPM-based attestation mechanisms

*  Enhance Xen to support secure resource metering,
  verification, and control.

* Apply our experience in automated security analysis to Xen
  to make it more robust

* Make Xen suitable for Common Criteria evaluation 

-- 
--
<a href="http://lkcl.net";>http://lkcl.net</a>
--

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.

Prev by Date: Re: Groups in the alternative user solution
Next by Date: wish-list item for selinux policy analyss
Previous by thread: Re: Groups in the alternative user solution
Next by thread: wish-list item for selinux policy analyss
Index(es):
- Date
- Thread

This mailing list archive is a service of Copilot Consulting.