Virtualization and Security Birds-of-a-Feather (BoF) Session

Virtualization: Discussion Concerning Its Impact on Security and Current Trends"

USENIX Security Symposium 2009 - August 13, 2009

Todd Deshane and Patrick F. Wilbur

{deshantm,wilburpf} - or, if they no longer work just Google us

Thank you for your interest in our Virtualization and Security Birds-of-a-Feather session! We had a great discussion and really appreciate all the participation we had and the interesting topics brought up by attendees. With the popularity and growing prevalence of virtual machine monitors (hypervisors) in many capacities and in many settings, we strongly feel that there will be a lot of interaction and common interests among members of the virtualization and security communities to come. We also hope to see the growth of future BoFs and SIGs regarding this relevant topic.

  1. Abstract
  2. Presentation Materials
    1. View Slides Online
  3. Further Reading
    1. About Virtualization Work at Clarkson
    2. About the Organizers


This discussion will investigate the security pros and cons of virtualization. Pros discussed will include the usefulness of virtualization for secure virtual appliance deployment, convenient sandboxing, and convenient software distribution. Cons will be discussed relating to the additional security demands of virtualization and its weaknesses or complications, including the addition of another exploitable layer, the increased performance overhead, and the reduced granularity of access of control.

While considering the current trends in virtualization technology development and adoption, questions that will be discussed include: Does virtualization have anything additional to offer for enforcing the principle of least privilege (POLP), or for more secure or more convenient sandboxing? Does virtualization offer a more convenient secure software distribution mechanism? In which ways does virtualization unnecessarily complicate securing applications, and in which ways does it simplify application security? In which scenarios is the actual performance impact of virtualization too great for it to be viably used, and in which scenarios is its performance impact outweighed by its potential security benefits?

USENIX Security Symposium 2009 BoFs Page

Presentation Materials

View Slides Online


Further Reading

About Virtualization Work at Clarkson

About the Organizers

This page last updated: 2009-08-17 05:54:44 AM (EDT)