Xoar: Breaking up is hard to do: security and functionality in a commodity hypervisor

Reference 1

Xoar: a modified version of Xen.

  • Breaks the control VM into multiple single-purpose components called service VMs.
  1. Colp, Patrick, Mihir Nanavati, Jun Zhu, William Aiello, George Coker, Tim Deegan, Peter Loscocco, and Andrew Warfield. “Breaking up is hard to do: security and functionality in a commodity hypervisor.” In Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles, pp. 189-202. 2011. ↩
Created Apr 23, 2020 // Last Updated Dec 19, 2020

If you could revise
the fundmental principles of
computer system design
to improve security...

... what would you change?