|
-
February 8th, 2008, 03:33 PM
#6
 Originally Posted by MsMittens
HT, yer a thread killer! 
Hrmm.. so EAL4+ certification for 3.0.1 (I think that's what they submitted for common criteria) won't help much? What security do you think it's lacking (from your post you seem to be suggesting, from my view point, that a hypervisor is insecure)? What things will virtualization have to include to ensure security?
Then again, what system is ever truly secure? 
I've often thought I should be ThreadKiller  but the name was taken...
I don't know that EAL4+ is sufficient... I don't know that security is necessarily lacking from the hypervisor... as you write in security you bloat the product... which isn't what you want from a hypervisor... I think it's inherent security risks that are the problem... some problems have to go away... regardless of how minor the hardware is...
Cemetric had a great example... the security of virtual switches... Going further... the hardware is being shared... something is controlling that hardware sharing... that control is at risk.. especially (for example ) at the network level...
Will hypervisors make systems more insecure... not necessarily... will they increase security... not a chance.
Similar Threads
-
By dinowuff in forum Site Feedback/Questions/Suggestions
Replies: 260
Last Post: March 25th, 2008, 07:39 PM
-
By MrLinus in forum Security News
Replies: 7
Last Post: August 30th, 2007, 05:06 PM
-
By gbrowne40 in forum Web Security
Replies: 3
Last Post: April 19th, 2007, 12:13 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote