While conventional wisdom says virtualized environments and public clouds create massive security headaches, the godf father of Xen, Simon Crosby.says virtualization actually holds a key to better security. Isolation — the ability to restrict what computing goes on in a given context — is a fundamental characteristic of virtualization that can be exploited to improve trustworthiness of processes on a physical system even if other processes have been compromised, says Crosby, a creator of the open source hyper-visor and a founder of startup Bromium, which is looking to use Xen features to boost security. If the virtual machine manager (hypervi-sor) can help isolate functions carried out on a system and thereby reduce the risk that an attack successful against one function can spread, that improves the trustworthiness of those other processes, Crosby says in an interview with Network World. "When we look back in five years we will actually figure out that the core value of hardware virtualization is security," Crosby says. "Actually it's better trust or better isolation, and not all of the grandiose cases we've come up with for virtualization today. So that even in the cloud the primary use case for virtualization will, in five years or so, be security and security through isolation."
展开▼
