When virtual is better than real
Peter M. Chen, Brian D. Noble
Abstract
This position paper argues that the operating system and applications
currently running on a real machine should relocate into a virtual
machine. This structure enables services to be added below the
operating system and to do so without trusting or modifying the
operating system or applications. To demonstrate the usefulness of
this stucture, we describe three services that take advantage of it:
secure logging, intrusion prevention and detection, and environment
migration