Towards one PC for systems with different security levels

Abstract

Companies and organisations caring about the protection of critical data or critical systems have long struggled with the burden of maintaining separate computers. Commercial grade operating systems and virtualization solutions such as Windows, Linux, and VMware are unsuitable for security assurance to the high levels required for this kind of application sharing on a single PC platform. Custom solutions have failed to gain acceptance as cost containment pressures favour commercial, off-the-shelf (COTS) platforms. In addition, common PC hardware has had serious security limitations that prevent even a high assurance software solution from achieving the required domain separation. The hope for a truly high assurance, multi-level secure PC is coming closer to reality by virtue of recent innovations, both in software and hardware. © 2009 Vieweg+Teubner Verlag | GWV Fachverlage GmbH, Wiesbaden.