On Tuesday, 11/04/2008 at 09:43 EST, "A. Harry Williams"
<[EMAIL PROTECTED]> wrote:
> My understanding is that it was also a measure of the processes in place
> by the vendor to build and maintain a secure environment. The higher
> the level, the more processes that must be documented and in pla
On Tue, 4 Nov 2008 16:15:52 -0500 Alan Altmark said:
>
>Don't be deceived by the "EAL" number. It is a measure of the amount of
>evidence (assurance) that the vendor has provided to the evaluator to
>support the claims in the Security Target. It also measures the amount of
>effort expended by the
On Tuesday, 11/04/2008 at 02:20 EST, "A. Harry Williams"
<[EMAIL PROTECTED]> wrote:
> There is a 4th very important that I'm sure Alan will chime in with,
> EAL, Evaluation Assurance Level.
- z/VM 5.3 is EAL 4+ using protection profiles CAPP and LSPP.
- z/OS 1.9 is EAL 4+ using protection profil
> What effect would this same hack have on the intended target if the
x86
> system being targeted was running as a guest under z/VM? Wouldn't the
ill
> effects be reduced by the wall between virtual guests inherent with
z/VM?
It would be unlikely to be effective, IMHO, because it would need to be
> > Not just possible; proven. It's been done on an Intel Pacifica
chipset,
> > and there was an excellent paper in IEEE Transactions on Computer
> > Systems on how it was done.
Sorry, remembered the journal wrong. Was in the Black Hat USA 2007
proceedings. My technical article slushpile is gettin
Dennis Boone wrote:
VM's advantages would appear to be:
1. Many years of refinement.
Especially a convergence of the processor architecture with the software
ideal.
2. Less knowledge of its internals in the broad public.
This is a weakness, not a strength. It's like staying healthy by n
On Tue, 4 Nov 2008 13:23:40 -0500 Dennis Boone said:
> > What effect would this same hack have on the intended target if the x86
> > system being targeted was running as a guest under z/VM? Wouldn't the
> > ill effects be reduced by the wall between virtual guests inherent with
> > z/VM?
>
>The x8
> What effect would this same hack have on the intended target if the x86
> system being targeted was running as a guest under z/VM? Wouldn't the
> ill effects be reduced by the wall between virtual guests inherent with
> z/VM?
The x86 hypervisors have a "wall" between guests too. The first
It seems our colleagues doing virtualization on Intel have another
possible security
concern to worry about now.
By far the biggest concern related to virtual machine security is
the
threat of
a virtual machine escape. A virtual machine escape is a theore
gt; wrote:
>
>> It seems our colleagues doing virtualization on Intel have another
>> possible security
>> concern to worry about now.
>>> By far the biggest concern related to virtual machine security is
> the
>> threat of
>>> a virtual m
On Tue, 4 Nov 2008, David Boyes wrote:
>
> Not just possible; proven. It's been done on an Intel Pacifica chipset,
> and there was an excellent paper in IEEE Transactions on Computer
> Systems on how it was done.
>
And how much are you willing to bet that *somewhere* there is a "manager"
who
> It seems our colleagues doing virtualization on Intel have another
> possible security
> concern to worry about now.
> > By far the biggest concern related to virtual machine security is
the
> threat of
> > a virtual machine escape. A virtual machine escape is
It seems our colleagues doing virtualization on Intel have another possible security
concern to worry about now.
-- > *Virtual machine escape no vacation*
<http://go.techtarget.com/r/4912983/567145>
Brien M. Posey, Contributor
Without a doubt, the hottest trend in IT today is da
13 matches
Mail list logo