Breaks the control VM into multiple single-purpose components called service VMs.
Colp, Patrick, Mihir Nanavati, Jun Zhu, William Aiello, George Coker, Tim Deegan, Peter Loscocco, and Andrew Warfield. “Breaking up is hard to do: security and functionality in a commodity hypervisor.” In Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles, pp. 189-202. 2011.
↩
If you could revise
the fundmental principles of
computer system design
to improve security...