[cap-talk] Data pump and VMMs vs. physical isolation

Jed at Webstart donnelley1 at webstart.com
Thu Jan 19 13:25:44 EST 2006


At 06:00 PM 1/13/2006, David Wagner wrote:
>...
> >Is this product family where the "data pump" terminology is coming from?
> >That's something else that I haven't heard before.
>
>I think the "data pump" terminology comes from an early paper from
>NRL (Navy Research Lab) that introduced the notion and used the term
>"data pump".  I think it was published at Oakland (IEEE S&P) or CSFW
>or some place like that.  Googling should turn it up, but let me know
>if you can't find it.

I guess you mean this:

http://chacs.nrl.navy.mil/publications/CHACS/1995/1995kang-NRL-7771.pdf

I'll look more at it when I get a chance.  I just returned from a
three-day trip to Ohio.

Most of the straight Googles for "data pump" turn up some Oracle technology.
I haven't investigated enough to see if there's any connection.

> >In general I'll find it interesting to see how VMMs come to be used (or not)
> >to help with security/integrity protections.
>
>VMMs are a computational simulation of physical isolation.  Anything
>you can do by buying two separate computers and isolating them, you can
>do (albeit with considerably less assurance) by running two guest OSs
>inside a VMM with appropriately restricted permissions.

Hmm.  I'm quite familiar with VM technology.  I worked some with VMMs
with VM 360/370, did at least some analysis of PDP-11 VMM
technology and of course more recently with VMware and less so
with Xen (though I may get more into Xen now that truly virtualizable
processors are coming out from Intel and AMD).

However, I don't agree with what you say above.  One quite important
difference I think shows up in the form of the covert channels that
arise when sharing resources (e.g. processor, memory, disk)
with VMMs as opposed to what one can get with separate physical
resources.

>So really what
>you are asking is, what can we do with multiple physically isolated
>machines?  That's more or less a distributed systems question.

I think I understand pretty well what one can get with multiple physically
isolated machines.  What I was focusing on is the differences between
physically isolated machines and what one can get with VMM technology.

--Jed http://www.webstart.com/jed/ 