Here we present OSCKAR, our open-source framework for enforcing security policy in virtualized environments. OSCKAR helps enforce the principle of least privilege in a virtualization environment, and also enforces this principle for user applications to help protect against malware. OSCKAR combines intrusion prevention (resource access control), intrusion detection (resource abuse monitoring), and intrusion response, all at a level outside of the operating systems and applications being protected. At the heart of the OSCKAR architecture is a powerful and very extensible policy enforcement engine and security contract specification, which enable the experts who know the operating systems and applications best (developers, maintainers, or other trusted sources) to specify the unique runtime environment that is required in order to run these operating systems and applications safely.
OSCKAR enables individuals to design virtual appliances--self-contained packages of any combination of pre-existing disk images, specifications for on-the-fly image generation, and environmental security policies--to allow the secure deployment of operating systems and end user applications. To date, we have designed and implemented several front-ends for OSCKAR that demonstrate OSCKAR's extensibility and configurability (thanks to its policy enforcement engine and contract specification), covering use cases that include consolidated servers, public access terminals with kiosked operating systems, rapid recovery desktops, and application segregation.
OSCKAR is a work in progress. This website will be updated with source code, publications, and presentations that result from our work on our commonground OSCKAR core.
Thank you for your interest in OSCKAR!
This page last updated: 2009-08-17 06:39:50 AM (EDT)