Application and analysis of the virtual machine approach to information system security and isolation

Security is an important factor if the programs of independent and possibly malicious users are to coexist on the same computer system. In this paper we show that a combined virtual machine monitor/operating system (VMM/OS) approach to information system isolation provides substantially better software security than a conventional multiprogramming operating system approach. This added protection is derived from redundant security using independent mechanisms that are inherent in the design of most VMM/OS systems.