« Clouds on the inside | Main | Kensho - Will OVF make it to the next rung? »

Xen Gets "Safe"

Still more reason to think that, through open source and community efforts, the technical and market ecosystem built around the Xen virtualization machine environment can catch up to that created by VMware for VI3. There have been a lot of OSS projects that end up with dead websites and no significant support. But, if the approach proposed by the folks at Georgia Tech has "legs", it offers an interesting, potentially low development cost approach to enter the Xen market by the list of players that have jumped on the VMsafe bandwagon.

I'd like to know if, in addition to the creation of a hypervisor "tap" that permits passive monitoring, the XenAccess approach permits multiple processes to monitor, filter and transform the bit-stream between the hypervisor and the virtual machine.

An open source project may bring VMsafe capabilities to Xen | virtualization.info

The interest raised by the upcoming security interface that VMware calls VMsafe is notable.

Besides the company’s partners that work to use the new APIs, there are other entities that try to replicate the capabilities in other hypervisors.

One of them is Bryan D. Payne, Research Scientist at the Georgia Institute of Technology, that is maintaining with some fellows a very interesting project on the Google Code repository: XenAccess.

The team is developing a library to allow the analysis of multiple Xen virtual machines from a special domain (from where 3rd party security products can observe):

When running multiple domains (or virtual machines) using the Xen hypervisor, this library will allow a privileged domain to view the runtime state of another domain. This technique is known as virtual machine introspection.

The current software focuses on memory access, but also provides proof-of-concept code for disk monitoring. ...

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
All HTML will be escaped. Hyperlinks will be created for URLs automatically.