Secure virtualization technology can extend the life of legacy systems
In computing, virtualization is a broad term that refers to the abstraction of computer resources. Platform virtualization separates an operating system from its hardware and enables multiple operating systems to run concurrently on a single computer. Virtualization technology provides an avenue to continue the life of legacy systems on newer hardware and reduce hardware costs in systems by consolidating systems onto fewer physical computers. Additionally, the defense and intelligence communities need to keep these systems in different security domains. This means secure virtualization – maintaining isolation of information and information flow control between systems running on a single computer – is required. Secure virtualization is available from COTS vendors today in the forms of separation kernel/hypervisors.
The military utilizes systems that are “proven” (a euphemism for “old”). Maintaining these systems is an absolute necessity to keep our military fully operational. Too many of these systems run on older hardware that is becoming increasingly unavailable. They were designed as one-of-a-kind systems that must be maintained by the original provider and are based upon proprietary technology. The cost to maintain these systems is too high for even the DoD, which is one reason for its emphasis on open systems/open architecture in new acquisitions. While the migration to open systems makes sense, modernizing all these systems takes a lot of time and money. In the meantime, the military must continue operations, and so extending the life of legacy systems is a requirement. Take, for example, the Navy’s Consolidated Afloat Networks Enterprise Services (CANES) program, which is attempting to modernize and consolidate the networks on ships. Even this new program cites the requirement to support legacy OSs including Windows 2000, Windows 2003, XP, Solaris 9, Solaris 10, and multiple Linux versions.
The commercial world has found that virtualization permits reduction in the amount of hardware (computers) required by running multiple systems concurrently on a single piece of hardware. Virtualization also takes advantage of the increased processing power of new silicon. The systems run the same as if they were installed on stand-alone hardware platforms. In computing, a hypervisor is a virtualization platform that allows multiple operating systems to run on a host computer simultaneously.
Traditionally, the military used separate hardware and networks to isolate systems of different security levels. It is common to see multiple computers under workstations and multiple displays on desks. While virtualization can consolidate multiple systems from a computer perspective, it does not address security requirements. In fact, most commercially available hypervisors are too large to be evaluated for high-assurance systems.
Secure systems need guaranteed separation of domains of information and a controlled flow when information is exchanged between domains. Cross-domain systems rely on guards to control the transfer of information between domains in secure systems. High-assurance systems are moving to the distributed security model pioneered by John Rushby in the 1980s. Rushby introduced the concept of a separation kernel whereby the OS is small and executes a limited set of security functions (separation of domains and information flow control), but executes the set extremely well. Today a Separation Kernel Protection Profile (SKPP) provides the functional and assurance requirements for high-assurance systems using this model.
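As an added illustration (not from the article, nor any vendor's separation kernel), here is a small Python model of the policy the separation kernel model describes: a fixed table of permitted flows between partitions, default deny for anything not listed, and a guard consulted whenever a permitted flow crosses security domains. The partition names, the two-level domain lattice and the guard rule are all constructed for the example.

```python
from dataclasses import dataclass, field
from typing import Callable

LEVELS = {"UNCLASS": 0, "SECRET": 1}  # constructed two-level lattice

@dataclass(frozen=True)
class Partition:
    name: str      # constructed partition name (one legacy guest each)
    domain: str    # security domain the partition belongs to

def simple_guard(src_domain: str, dst_domain: str, payload: dict) -> bool:
    """Constructed guard rule: upward flows (low to high) pass; downward
    flows pass only when the payload is explicitly marked releasable."""
    if LEVELS[dst_domain] >= LEVELS[src_domain]:
        return True
    return payload.get("releasable_to") == dst_domain

@dataclass
class SeparationKernel:
    partitions: dict
    allowed_flows: set           # (src, dst) pairs fixed at configuration time
    guard: Callable[[str, str, dict], bool]
    audit: list = field(default_factory=list)

    def transfer(self, src: str, dst: str, payload: dict) -> bool:
        """Return True only if the static policy AND (for cross-domain
        flows) the guard permit the transfer; every decision is audited."""
        s, d = self.partitions[src], self.partitions[dst]
        if (src, dst) not in self.allowed_flows:       # default deny
            self.audit.append(("DENY", src, dst, "no policy entry"))
            return False
        if s.domain != d.domain and not self.guard(s.domain, d.domain, payload):
            self.audit.append(("DENY", src, dst, "guard rejected"))
            return False
        self.audit.append(("ALLOW", src, dst, None))
        return True

def build_demo() -> SeparationKernel:
    """Three constructed partitions consolidated on one host."""
    parts = {p.name: p for p in (
        Partition("xp_legacy", "SECRET"),
        Partition("solaris9", "UNCLASS"),
        Partition("linux_ops", "SECRET"),
    )}
    flows = {("solaris9", "xp_legacy"),   # low -> high
             ("xp_legacy", "solaris9"),   # high -> low, guard must approve
             ("xp_legacy", "linux_ops")}  # same domain, no guard needed
    return SeparationKernel(parts, flows, simple_guard)
```

A flow that is not in the table is refused before the guard is ever consulted; the guard only adjudicates flows the configured policy already permits.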
By combining the concept of virtualization and security, one can consolidate multiple legacy systems running on heterogeneous operating systems onto a single host system with high-assurance security. Legacy systems’ lives are extended by running on new hardware with their existing (old version) operating systems while maintaining secure separation of domains of information.