|
|
|
|
|
|
by nickpsecurity
3899 days ago
|
|
|
Secure multiplexing, VM's, and kernels were repeatedly done back in 80's and 90's under the Computer Security Initiative. See p5 on this one for an example where trusted functions efficiently did I/O multiplexing requests (syscalls) from untrusted drivers in guest OS's: http://www.cse.psu.edu/~trj1/cse543-f06/papers/vax_vmm.pdf You can ignore the security kernel and MLS stuff while imagining something simpler there. However, the design and assurance strategies for that one have yet to be topped by modern virtualization products. Here's a modern approach to secure I/O with a nice list of others in Related Work: http://repository.cmu.edu/cgi/viewcontent.cgi?article=1328&c... Have fun with those. |
|
|