-
Notifications
You must be signed in to change notification settings - Fork 39
What is OpenXT
The virtualization with OpenXT aims to provide end users with an experience that meets the expectations set by traditional client computing. It aims to provide the performance, graphics, networking and peripheral compatibility that users expect. This goal underpins all design and architecture in OpenXT Client Virtualization products.
The architecture of OpenXT is unique in that it will extend this goal to formally include security properties. By their nature both client and server virtualization platforms add a layer of highly privileged software that acts as an abstraction layer between the hardware and guest VMs. This additional software must be built in such a way as to introduce no additional threats to guest VMs beyond those posed by the hardware itself. This security goal is a simple extension of the desire to provide users with an experience indistinguishable from native client computing as well as provide the security properties that users have come to expect from an OS running on "bare metal" in a virtualized environment. The security constraints must be decomposed and made concrete to be useful in an architectural analysis through the following goals:
* Workload Isolation
* Mediated Access
* Strength of Mechanism
* Integrity and Measurement
* Extensibility