Terrence Mitchem, Secure Computing Corporation

Abstract:

This presentation describes an approach for selectively hardening COTS components to provide robustness and security. Using the concept of a loadable module, "kernel hypervisors" will be implemented on an NT kernel. These kernel hypervisors provide unbypassable security wrappers for application-specific security requirements and can be used to provide replication services as well.

A framework will be developed based on a master kernel hypervisor, whose job is to coordinate installation and removal of individual client kernel hypervisors and to provide a means for management of these clients. The framework allows client kernel hypervisors to be stacked so that a variety of application-specific policies can be implemented, each by means of its own kernel hypervisor. The hypervisors run in the kernel, but since they are loadable modules, they do not require that the kernel be modified.

Kernel hypervisors have a number of potential applications, including protecting user systems from malicious active content downloaded via a Web browser and wrapping servers and firewall services to limit possible compromises.

Terrence Mitchem
Secure Computing Corporation
2675 Long Lake Road
Roseville, MN 55113
email: mitchem@securecomputing.com