Accession Number:

AD1076348

Title:

Xenon Enterprise Scale Separation VMM Systems

Descriptive Note:

Technical Report,01 Oct 2017,30 Sep 2018

Corporate Author:

NAVAL RESEARCH LAB WASHINGTON DC WASHINGTON United States

Personal Author(s):

Report Date:

2019-06-05

Pagination or Media Count:

45.0

Abstract:

Enterprise scale cloud computing for system resource sharing has become increasingly common as virtualization offers quicker system deployment and reduced overhead and costs compared to its physical counterpart. The key challenges for cloud computing technologies are the preservation of strong separation and the fulfillment of security requirements in a virtual environment that is agile and heterogeneous in nature. In this paper, we present Xenon Enterprise to meet these challenges. Xenon Enterprise is a management platform that offers secure virtual workspaces to its users by provisioning hardware resources of hosts running Xenon Virtual Machine Monitor VMM. To understand the design concept of Xenon Enterprise and the enterprise services it provides, we start with a discussion of the Xenon security model and Xenon security policy components. Next, we provide in-depth description of the Xenon management tool stack for implementing the security policy components and enforcing them in Xenon VMMs. After the policy essentials, we demonstrate how the enterprise services can be utilized to construct a sample security policy on Xenon Enterprise that meets the requirements of strong separation and security enforcement.

Subject Categories:

  • Computer Systems

Distribution Statement:

APPROVED FOR PUBLIC RELEASE