Virtualization for trusted computing?
As more than one attendee noted two weeks ago, LinuxWorld could have been called VirtualizationWorld instead. In a nutshell, Red Hat Inc. recently announced
it was rolling Xen
virtualization software. Around the time, XenSource Inc. of Palo Alto, Calif., released its own commercial version of Xen, XenEnterprise
. VMware Inc. of Palo Alto, Calif., touted its VMware ESX server
and its free starter model, the VMWare
. Even Microsoft Corp. chose early April to liberate its own virtualization software, Microsoft Server System
, as a free download.
Also talk swelled around how the chip makers are adding virtualization features as well. Advanced Micro Devices Inc. of Sunnyvale, Calif., plans to add virtualization extensions
to Opteron microprocessors, starting this fall. Intel Corp., of Santa Clara Calif., has already added
virtualization extensions for its Xeon and Itanium chips. Both sets of extensions, called hypervisors, should speed virtualization by allowing the guest operating system to make calls directly to the hardware, rather than going through the host OS.
So we're hearing lots o' buzz around virtualization these days. While we knew of the usual benefits of virtualization--great for server consolidation in heterogeneous environments, etc.--Simon Crosby, chief technology officer for XenSource alerted us to another
aspect that may be interest to Defense Department and intelligence agencies. Namely, that virtualization could offer great benefits for trusted computing.
When you think of trusted computing now, the image that comes to mind is of multiple computers on a desktop. One computer may be dedicated to working with a network for sensitive but unclassified data, such as the Defense Department's NIPRnet (Non-secure Internet Protocol Router Network). Another computer may be dedicated to a classified network, such as SIPRnet (the Secret Internet Protocol Router Network).
You can see the hardware and space costs that this separation of networks incurs. The challenge for the last few years has been how to design an end-user computer to work on both networks while ensuring that information from one network can not be leaked onto the other network (or can be moved, when it is appropriate to do so). Various companies have approached this problem by using dedicated hardware. Both Tenix America
and BAE Systems plc
offer ways to access networks of different classification levels through a single machine, though at a cost.
And now virtualization'or at least the form practiced by Xen'could provide another, lower-cost way, of doing this, Crosby noted. Xen's approach implements a 'separation kernel,' a thin layer of software that can act as the most trusted piece of software on the server, he said. Xen runs as the bottom-layer foundation and can authenticate Trusted Platform Modules
--such as operating systems--signed by the administrator.
'Each guest OS that is hosted has no way of knowing there is another guest on the machine. It provides complete isolation of each guest,' Crosby said. Different networks could even share the same network card. Various intelligence agencies and their contractors have been working with the Xen community to further look into this approach, he added.Posted By Joab Jackson
Posted by Brad Grimes, Joab Jackson on Apr 17, 2006 at 9:39 AM