- TalkBack 1 of 2:
- Next »
- Thread View
- Flat View
- Neocleus is not secure
- Neocleus security architecture is flawed at its basic level. The architecture uses a software mechanism to provide direct physical device assignment to virtual machines, such as graphics cards and wireless networks. It does not support hardware based direct I/O assignment or hardware based IOMMU, it is known on Intel platform as VT-d technology. Instead Neocleus engineers came up with their own software based scheme, known in the Xen community as 1:1 mapping (http://www.xen.org/files/xensummit_4/Neocleus_HVM_PCI_Pass-through_Zana.pdf). Their scheme provides software based IOMMU, which is inherently flawed in its security model. An errant DMA transfer in one virtual machine is capable of writing into the memory of another virtual machine ? can you say, ?no more memory protection or isolation between virtual machines?? Given this huge security flaw, it would take no time to write a key stroke logger or denial of service attack against any VM running on this device. The only way to achieve true security and reliability between multiple virtual machines sharing the same piece of hardware is to use hardware support for direct assignment or VT-d, any other solution is not secure.
- Posted by: DavidRottenberg Posted on: 09/25/08 You are currently: a Guest | Members login | Terms of Use
Neocleus is not secure
DavidRottenberg | 09/25/08
|
Think out of the box!
etay.bogner | 09/26/08
|
What do you think?
SponsoredWhite Papers, Webcasts, and Downloads
- Three Steps You Need to Know to Stop Data Loss Varonis Sensitive data exposed to misuse or loss... it is the stuff of nightmares ... Download Now
- Building the Virtualized Enterprise with VMware Infrastructure VMware VMware virtualization software has been adopted by over 120,000 enterprise ... Download Now
- The Impact of Virtualization Software on Operating Environments VMware Today's use of virtualization technology allows IT professionals to ... Download Now
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- Microsoft Dynamics CRM Online - Free Six-Month Trial for Eligible Organizations
-
Microsoft Dynamics CRM Online provides fast online access, simple contact management and better sales performance for a low monthly cost - the best value on the market today.
- Learn more about the free, six-month trial offer >>
- Reduce risk. Reduce complexity. Increase reliability.
-
A simplified IT environment isn't just less complex. It's also more reliable. Standardize on a single Linux platform with SUSE Linux Enterprise from Novell, and get the world's most interoperable Linux
- Learn more >>
- Keep Up With The Latest In Document Management with The DocuMentor.
-
Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog.
- Learn more >>
- Save time with automated shipping solutions
-
The Business Essentials Guide provides you useful tools and templates to help grow your business and save you time with automated shipping solutions.
- Visit the UPS Business Essentials Guide
SmartPlanet
- Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
- More from IBM
-
- How to Drive Better Business Outcomes with Exceptional Web Experiences Download the eBook
- Driving Business Agility through SOA Connectivity & Integration Read the White Paper from IBM
- Linking Decisions and Information for Organizational Performance Read the Tom Davenport study
