|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xense-devel] Enforcing MAC policies across different machines
* secure services, e.g., monitoring of user domains (anti virus, IDS), auditing, etc. --> there are existing monitoring projects, e.g., Xen Introspection Library (http://www.bryanpayne.org/ 3_software.php) I can add a little more on the XenAccess introspection project. Right now there are two key areas that I see as being most valuable and most useful to a large number of people. * First is expanding the data that XenAccess can collect. Currently it only looks at memory, but other items such as disk and network monitoring would be useful. * Second is creating higher level abstractions for access to the data. Currently it only returns a single memory page with a pointer to the requested data structure. It would be nice to automatically return the entire data structure including handling wraps over memory page boundaries when needed. In addition, it would be especially nice to integrate a kernel debugger (or something similar) to provide for simplified access to kernel memory data without the need to maintain offsets and such inside XenAccess. Beyond expanding the capabilities of XenAccess, there's also interest in building applications that use XenAccess. These could include any type of monitoring and/or response application. A first step would be to implement adapters for existing tools (e.g., network IDS and host IDS) to work through introspection. The next step would be to think about new applications of the introspection technology. I'm always happy to discuss any of the above with people that are interested :-) Cheers, bryan - Bryan D. Payne Graduate Student, Computer Science Georgia Tech Information Security Center http://www.bryanpayne.org Attachment:
smime.p7s _______________________________________________ Xense-devel mailing list Xense-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xense-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |