Considering the Role of Hardware in Securing OS and Hypervisor Operation

Considering the Role of Hardware in Securing OS and Hypervisor Operation
Considering the Role of Hardware in Securing OS and Hypervisor Operation
White Paper
November 28, 2018

Considering the Role of Hardware in Securing OS and Hypervisor Operation

Trusted Computing: The COTS Perspective Series

In our previous Trusted Computing white paper, (“Hardware Features for Maintaining Security During Operation”), we discussed the powerful hardware features resident in the most popular defense and aerospace processor architectures and how they can be implemented to ensure the continued security of a trusted system during operation. In this white paper, our focus turns to the role that hardware plays in ensuring the security of operating systems (OS) and hypervisors.

Many applications run on the concept of “least privilege,” meaning that the software is only provided access to the minimum set of resources (for example, the hardware and other applications) that they need to complete their tasks. A security context separation between an application and other resources is an important method to ensure that less secure applications and software can’t access critical data from more secure and critical applications. Highly sensitive data needs to be protected to ensure that only the code that needs to operate on that data has access to it.

The responsibility of maintaining this type of secure application separation belongs to the OS and the Hypervisor (if one exists on the system). Think of an application as sitting on top of a software stack. Each lower layer of that stack must do its part to ensure that the application layer’s security is maintained. At the bottom of the stack resides the hardware, which must be able to enforce the access controls. Running directly on the hardware will be either an OS or a Type-1 hypervisor (Type-2 hypervisors, instead of running on top of the hardware, run on top of an OS) that must manage the access controls. For optimal protection, the system should be configured to ensure that the OS (or Type-1 hypervisor) exploits all available hardware security features so that it can appropriately manage scheduling, resources, processes, and security from the next layer. It is very difficult to build a secure application if the foundation is missing those essential security building blocks.

Login and download the white paper to learn more about:

  • OS Security Concepts
  • Hypervisors
  • Layering Security