research-article

XEBHRA: a virtualized platform for cross domain information sharing

Authors:

Charles Payne, Jr.,

Steven A. HarpAuthors Info & Claims

CSIIRW '13: Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop

Article No.: 25, Pages 1 - 4

https://doi.org/10.1145/2459976.2460005

Published: 08 January 2013 Publication History

Abstract

The Unified Cross Domain Management Office (UCDMO) states that its mission is to provide coordination and oversight for the cross domain community's vision of "secur[ing] cross domain access to and sharing of timely and trusted information, creating a seamless Enterprise that enables decision advantage." [14] The UCDMO defines three types of cross domain solution (CDS) --- transfer, access and multi-level --- to satisfy this vision [15].

References

[1]

D. Chisnall. The Definitive Guide to the Xen Hypervisor. Prentice Hall, 2007.

Digital Library

[2]

Citrix. Citrix announces XenClient2 and XenClient XT. http://www.citrix.com/English/NE/news/news.asp?newsID=2311981.

[3]

G. Coker. Xen Security Modules, July 2009. Available at xen.xensource.com/files/summit_3/coker-xsm-summit-090706.pdf.

[4]

R. Durante. Secureview and XenClient XT security. Presentation at NSA Trusted Computing Conference and Exposition, September 2011.

[5]

P. A. Karger. Multi-level security requirements for hypervisors. In Annual Computer Security Applications Conference (ACSAC). IEEE Computer Society Press, December 2005.

Digital Library

[6]

J. McDermott. Xenon: High-assurance Xen, 2007. http://www.xen.org/files/xensummit_4/XenSummitSpring07_McDermott.pdf.

[7]

J. McDermott and L. Freitas. A formal security policy for Xenon. In Workshop on Formal Methods in Software Engineering (FMSE). Association for Computing Machinery, October 2008. Held in conjunction with the ACM Conference on Computer and Communications Security.

Digital Library

[8]

J. McDermott, B. Montrose, and M. Kang. Separation virtual machine monitors. In Annual Computer Security Applications Conference (ACSAC), Orlando, FL, December 2012. ACM Press. To Appear.

Digital Library

[9]

J. P. McDermott and M. Kang. An open source high robustness VMM. In 22nd Annual Computer Security Applications Conference (ACSAC '06). IEEE, December 2006.

[10]

J. Rutkowska. Owning xen in vegas! blog entry, July 2008. http://theinvisiblethings.blogspot.com/2008/07/0wning-xen-in-vegas.html Slides available at http://invisiblethingslab.com/bh08/.

[11]

R. Sailer, T. Jaeger, E. Valdez, R. Cáceres, R. Perez, S. Berger, J. L. Griffin, and L. van Doorn. Building a MAC-based security architecture for the Xen opensource hypervisor. In Annual Computer Security Applications Conference (ACSAC). IEEE Computer Society Press, December 2005.

Digital Library

[12]

H. Su. Installing Solaris 10 virtual machine with Oracle VM manager. Available at http://blogs.oracle.com/virtualization/2010/02/installing_solaris_10_virtual.html.

[13]

Unified Cross Domain Management Office. Cross domain community roadmap, June 2008. Available at http://www.ucdmo.gov/CDCommunityRoadmapExecOverviewv7.pdf.

[14]

Unified Cross Domain Management Office. About the UCDMO, June 2011. Available at http://www.ucdmo.gov/about.html.

[15]

Unified Cross Domain Management Office. Baseline version 3.9.0, July 2011. Available at http://www.ucdmo.gov/Baseline.v.3.9.0.pdf.

[16]

J. Williams. Xen Windows GPLPV drivers. Available at http://wherethebitsroam.com/content/gplpv.

[17]

R. Wojtczuk and J. Rutkowska. Following the white rabbit: Software attacks against Intel VT-d, May 2011. http://www.invisiblethingslab.com/resources/2011/Software\%20Attacks\%20on\%20Intel\%20VT-d.pdf.

[18]

Xen.org. Xen PV-on-HVM drivers for Linux HVM guests. Available at http://wiki.xensource.com/xenwiki/XenLinuxPVonHVMdrivers.

[19]

X. Zhang, S. McIntosh, P. Rohatgi, and J. Griffin. XenSocket: a high-throughput interdomain transport for virtual machines. In Proc. of the ACM/IFIP/USENIX 2007 International Conference on Middleware, pages 184--203, 2007.

Digital Library

Index Terms

XEBHRA: a virtualized platform for cross domain information sharing
1. Applied computing
  1. Computers in other domains
    1. Military
2. Security and privacy
  1. Systems security
    1. Information flow control
    2. Operating systems security

Recommendations

SRVM: Hypervisor Support for Live Migration with Passthrough SR-IOV Network Devices
VEE '16

Single-Root I/O Virtualization (SR-IOV) is a specification that allows a single PCI Express (PCIe) device (ysical function or PF) to be used as multiple PCIe devices (virtual functions or VF). In a virtualization system, each VF can be directly assigned ...
SRVM: Hypervisor Support for Live Migration with Passthrough SR-IOV Network Devices
VEE '16: Proceedings of the12th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments

Single-Root I/O Virtualization (SR-IOV) is a specification that allows a single PCI Express (PCIe) device (ysical function or PF) to be used as multiple PCIe devices (virtual functions or VF). In a virtualization system, each VF can be directly assigned ...
Content oriented virtual domains for secure information sharing across organizations
CCSW '10: Proceedings of the 2010 ACM workshop on Cloud computing security workshop

Secure information sharing across different organizations is an emerging issue for collaborative software development, product design, etc. Virtual domains have been proposed for this issue so far. A virtual domain is a collaborative workspace ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

CSIIRW '13: Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop

January 2013

282 pages

ISBN:9781450316873

DOI:10.1145/2459976

Editors:
Frederick Sheldon
Oak Ridge National Laboratory
,
Annarita Giani
Los Alamos National Laboratory
,
Axel Krings
University of Idaho
,
Robert Abercrombie
Oak Ridge National Laboratory

Copyright © 2013 Authors.

Sponsors

Los Alamos National Labs: Los Alamos National Labs
Sandia National Labs: Sandia National Laboratories
DOE: Department of Energy
Oak Ridge National Laboratory
Lawrence Livermore National Lab.: Lawrence Livermore National Laboratory
BERKELEYLAB: Lawrence National Berkeley Laboratory
Argonne Natl Lab: Argonne National Lab
Idaho National Lab.: Idaho National Laboratory
Pacific Northwest National Laboratory
Nevada National Security Site: Nevada National Security Site

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 08 January 2013

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Office of Naval Research
Naval Research Laboratory

Conference

CSIIRW '13

Sponsor:

Los Alamos National Labs
Sandia National Labs
DOE
Lawrence Livermore National Lab.
BERKELEYLAB
Argonne Natl Lab
Idaho National Lab.
Nevada National Security Site

CSIIRW '13: Cyber Security and Information Intelligence

January 8 - 10, 2013

Tennessee, Oak Ridge, USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

0
Total Citations
108
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 07 Mar 2025

Other Metrics

View Author Metrics

Citations

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten