[Meego-security-discussion] MeeGo Security Goals
Rene Mayrhofer
rene.mayrhofer at fh-hagenberg.at
Fri Apr 15 08:56:26 PDT 2011
On 15.04.2011 17:50, casey.schaufler at nokia.com wrote:
>> On 15.04.2011 00:37, Joseph Cihula wrote:
>>> I completely agree that a clear definition of 'user' will be needed. And these
>>> controls may also need to encompass the notion that data can be owned by more
>>> than one entity, e.g. corporate data such as emails.
>> Concerning multiple ownership, I think that virtualization would help to
>> solve many use cases. Although the VMware concept of multiple containers
>> on the phone (one for the enterprise that can be locked down and managed
>> by the central administration and one for the user that is left
>> intentionally open) is not (yet) sufficient to solve all these multiple
>> ownership cases, it is a step in the right direction.
>> However, I agree that we should not discuss implementations at this
>> point, but only note that multiple ownership is a security goal worth
>> having.
> No! Virtualization is the 30 pound sledge hammer of separation solutions.
> There are so many mechanisms available to address the issue that cost less
> and perform the sharing part of the process better that pulling in virtualization
> is just wrong.
That is debatable. Virtualization will not only give you
compartmentalization from a security point of view, but will also allow
to separate the device into completely different views. Concerning the
aim of having multiple owner, this might be the best solution for the
enterprise view / private view split.
Using KVM or Xen, this is not as heavy-weight as it used to be and has
been shown to perform well enough in practice (VMware will release a
product for ARM CPUs).
Rene
More information about the MeeGo-security-discussion
mailing list