A retrospective on the VAX VMM security kernel

Author

Karger, Paul A. ; Zurko, Mary Ellen ; Bonin, Douglas W. ; Mason, Andrew H. ; Kahn, Clifford E.

Author_Institution

Open Software Found., Cambridge, MA, USA

Volume

17

Issue

11

fYear

1991

fDate

11/1/1991 12:00:00 AM

Firstpage

1147

Lastpage

1165

Abstract

The development of a virtual-machine monitor (VMM) security kernel for the VAX architecture is described. The focus is on how the system´s hardware, microcode, and software are aimed at meeting A1-level security requirements while maintaining the standard interfaces and applications of the VMS and ULTRIX-32 operating systems. The VAX security kernel supports multiple concurrent virtual machines on a single VAX system, providing isolation and controlled sharing of sensitive data. Rigorous engineering standards were applied during development to comply with the assurance requirements for verification and configuration management. The VAX security kernel has been developed with a heavy emphasis on performance and system management tools. The kernel performs sufficiently well that much of its development was carried out in virtual machines running on the kernel itself, rather than in a conventional time-sharing system

Keywords

DEC computers; security of data; supervisory programs; virtual machines; A1-level security requirements; ULTRIX-32 operating systems; VAX VMM; configuration management; controlled sharing; isolation; microcode; multiple concurrent virtual machines; security kernel; sensitive data; standard interfaces; system management tools; virtual-machine monitor; Application software; Computer architecture; Data security; Hardware; Kernel; Operating systems; Software maintenance; Software standards; Virtual machining; Voice mail;

fLanguage

English

Journal_Title

Software Engineering, IEEE Transactions on

Publisher

ieee

ISSN

0098-5589

Type

jour

DOI

10.1109/32.106971

Filename

106971