IBM Pledges To Make Xen More Secure

An anonymous reader writes "In the latest posting on the Xen developer list, IBM pledges to make Xen more secure by porting its secure hypervisor (sHype) architecture to it. In their posting, IBM discusses an SELinux like access control frame work, resource control and monitoring and trusted computing support for Xen. It appears that a lot is happening on the Xen front (for example, the announcement of XenSource Inc. and Intel's code drop in the xeno-unstable.bk tree for their super secret VT CPU)."

I'm lazy, refuse to RTFA

[LowneWulf]

.... seriously people, when describing some new feature of some obscure software package, can you PLEASE tell us WHAT IS IS!?!??!one!!?

"And now, Fronzo v2.1.e, now 21% more secure!"

Re:I'm lazy, refuse to RTFA

[inox]

xen is certainly not an obscure software package.
read more at http://www.cl.cam.ac.uk/Research/SRG/netos/xen/

its a virtual machine monitor that allows you to run concurrently multiple OS on the same machine, achieving the same kind of functionnality than vmware, although the approaches are different

What this all means

[Anthony+Liguori]

Xen is an open source hypervisor for intel hardware. A hypervisor allows multiple operating systems to run side-by-side simultanously. Don't think VMware, think partitioning on a mainframe.

Intel's VT technology is hardware support for partitioning. Google it.

sHype is a research hypervisor at IBM that implements advanced security mechanisms much in the same way that SELinux does.

So, think mainframe style partitioning with the security of SELinux.

Re:Doesn't run Windows

[keebler]

It's because Xen requires modifications to the OS in order to function. An earlier version supported XP (sorta), but it hasn't been maintained.

VMWare doesn't require OS modifications because it virtualizes the entire machine (slow). Xen does, because it only fully virtualizes some resources, and forces the OS to go through the hypervisor (not as slow).