Edit WYSIWYGattachfile Attach PDF Raw View►More Actions▼More Actions

Restore topic to revision: You will be able to review the topic before saving it to a new revision

Copy text and form data to a new topic (no attachments will be copied though).
Name of copy:
You will be able to review the copied topic before saving

Rename/move topic... scans links in all public webs (recommended)
Rename/move topic... scans links in CBI_ComputerSecurity web only
Delete topic... scans links in all public webs (recommended)
Delete topic... scans links in CBI_ComputerSecurity web only

Revision Date Username Comment
818 Jul 2014 - 08:05ThomasMisa 
703 Oct 2013 - 15:41norqu036? 
622 Apr 2013 - 09:21NicLewis 
512 Mar 2013 - 11:02NicLewis 
406 Mar 2013 - 08:53NicLewis 
305 Mar 2013 - 11:25NicLewis 
225 Feb 2013 - 10:37NicLewis 
121 Feb 2013 - 09:11NicLewis 

Render style:     Context:

 History: r8 < r7 < r6 < r5 < r4
[X] Hide this message.
Notice: On June 30, 2016, UMWiki service will be decommissioned. If you have information in UMWIki that needs to be preserved, you should make plans to move it before that date. Google Sites is anticipated to be the most popular and appropriate alternative for users because it offers a more modern and user-friendly interface and unlimited capacity. To learn more about the features of Google Sites and other alternatives, and to identify which one best fits your needs, see the University’s Website Solution Selection Guide. If you have concerns or would like help regarding this change and your options, please contact Technology Help at help@umn.edu
You are here: UMWiki>CBI_ComputerSecurity Web>Systems>SystemsDECVAXSVS (18 Jul 2014, ThomasMisa)

Current Activitieslock Who is Who?lock People Programs Publications CSHW_2014 Systems Events Mechanisms

DEC/VAX/SVS (aka VAX VMM Security Kernel or SKVAX)


The VAX/SVS project was one among several projects seeking to build high-assurance operating systems that fulfilled the A1 class requirements of the TCSEC "Orange Book." In 1981, Steve Lipner and Paul Karger outlined the difficulties in creating a high-assurance system compatible with an existing operating system. The difficulty was that the time required to develop a high-assurance version of the operating system would mean that the high-assurance system would always remain behind the release cycles of the standard operating system, causing the two systems to grow apart, resulting in the high-assurance system lacking compatibility with software developed for the standard operating system.(1)(2) Lacking application compatibility would effectively kill sales and use of the high-assurance system.

To avoid this problem of incongruent release cycles, Lipner and Karger proposed a high-assurance virtual machine monitor, or VMM. This virtual machine would run beneath the standard operating system, emulating the VAX hardware, thus ensuring application compatibility, while maintaining high-assurance. The VAX/SVS project provided several lessons in high-assurance development, including lessons in access control, layering, minimization, and verification of assurance.(3)


1 , 3 : lock P. A. Karger, "A VMM Security Kernel for the VAX Architecture," Proceedings (IEEE Computer Society Symposium on Research in Security and Privacy, 1990), 2-4. (Login required)

2 : lock Steve Lipner et al, "Lessons from VAX/SVS for High-Assurance VM Systems," Security & Privacy 10, issue 6 (IEEE, 2012), 26-27. (Login required)

Topic revision: r8 - 18 Jul 2014 - 08:05:25 - ThomasMisa
Signed in as lewi0740 (NicLewis) | Sign out
UMWiki UMWiki
This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding UMWiki? Send feedback