Neil MacDonald: Security No-Brainer #4: EV-Certificates for ISVs

/Home/Internet Security: Blogs/Internet Security: Gartner blog

May 1, 2009

Let me summarize my security no-brainers to date:

The first was in reference to a global, industry-wide effort to create a shareable, standards-based application whitelist database built directly from feeds from ISVs.

The second was in reference to the use of whitelisting in the hypervisor/VMM (especially the “parent” or Dom0 partition) layer to prevent the execution of unauthorized code in this security-sensitive layer.

The third was advocating the use of measurements of trust for virtualization software (starting with hypervisors and virtual machine monitors).

Click the URL above to read the full article