About cookies on this site Our websites require some cookies to function properly (required). In addition, other cookies may be used with your consent to analyze site usage, improve the user experience and for advertising. For more information, please review your options. By visiting our website, you agree to our processing of information as described in IBM’sprivacy statement. To provide a smooth navigation, your cookie preferences will be shared across the IBM web domains listed here.
Publication
IEEE Security and Privacy
Paper
I/O for virtual machine monitors: Security and performance issues
Abstract
Virtual machine monitors (VMM) or hypervisor, is a specialized operating system (OS) that creates multiple virtual processors and behave exactly like a real hardware CPU. The Xen VMM popularized the concept of paravirtualization to simplify some aspects of CPU virtualization and I/O virtualization. Studies have demonstrated the feasibility of using hypervisions for the very high levels of security demanded by the Department of Defense projects. Pure isolation VMMs such as PR/SM on zSeries mainframes or systems, allow each guest partition with a dedicated I/O hardware and device drivers, without sharing device between them. The biggest source of performance overhead in a VMM is the cost of context switching into and out of the VMM and between guest partitions. The VMMs can run a full Linux or AIX OS in the special partitions and redirect all I/O requests from guest.