Issue No. 11 - November (1991 vol. 17)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/32.106971
<p>The development of a virtual-machine monitor (VMM) security kernel for the VAX architecture is described. The focus is on how the system's hardware, microcode, and software are aimed at meeting A1-level security requirements while maintaining the standard interfaces and applications of the VMS and ULTRIX-32 operating systems. The VAX security kernel supports multiple concurrent virtual machines on a single VAX system, providing isolation and controlled sharing of sensitive data. Rigorous engineering standards were applied during development to comply with the assurance requirements for verification and configuration management. The VAX security kernel has been developed with a heavy emphasis on performance and system management tools. The kernel performs sufficiently well that much of its development was carried out in virtual machines running on the kernel itself, rather than in a conventional time-sharing system.</p>
VAX VMM; security kernel; virtual-machine monitor; microcode; A1-level security requirements; standard interfaces; ULTRIX-32 operating systems; multiple concurrent virtual machines; isolation; controlled sharing; sensitive data; configuration management; system management tools; DEC computers; security of data; supervisory programs; virtual machines
A. Mason, P. Karger, D. Bonin, C. Kahn and M. Zurko, "A Retrospective on the VAX VMM Security Kernel," in IEEE Transactions on Software Engineering, vol. 17, no. , pp. 1147-1165, 1991.