Security Recommendations for Server-based Hypervisor Platforms

Chandramouli, Ramaswamy

July 19, 2023: URLs for CSRC publication details pages have changed. Legacy URLs should automatically redirect to the new URLs. However, links to the actual publications have NOT changed (e.g., DOIs and PDFs on nvlpubs.nist.gov). Please send inquiries to csrc-inquiry@nist.gov.

NIST SP 800-125A Rev. 1 (Initial Public Draft)

Obsoleted on June 07, 2018 by SP 800-125A Rev. 1

Security Recommendations for Server-based Hypervisor Platforms

Documentation Topics

Date Published: April 2018
Comments Due: May 2, 2018 (public comment period is CLOSED)
Email Questions to: sp800-125A-comments@nist.gov

Author(s)

Ramaswamy Chandramouli (NIST)

Announcement

Draft NIST Special Publication (SP) 800-125A Revision 1, Security Recommendations for Server-based Hypervisor Platforms, identifies five baseline functions of the hypervisor platform (virtualized platform), analyzes threats to these platforms and provides security recommendations. It has been found that to deploy virtualized servers for high performance applications (e.g., big data, analytics etc.), other forms of device virtualization besides the “emulation” approach covered in this document are required.

This revision captures these additional technologies for device virtualization such as para-virtualization, passthrough and self-virtualizing hardware devices as well as associated security recommendations. Major content changes in this revision can be found in Sections 1.1, 2.2.2 and 5. A markup version also shows changes from SP 800-125A (January 2018).

Abstract

The Hypervisor platform is a collection of software modules that provides virtualization of hardware resources (such as CPU, Memory, Network and Storage) and thus enables multiple computing stacks (made of an operating system (OS) and application programs) called Virtual Machines (VMs) to be run on a single physical host. In addition, it may have the functionality to define a network within the single physical host (called virtual network) to enable communication among the VMs resident on that host as well as with physical and virtual machines outside the host. With all this functionality, the hypervisor has the responsibility to mediate access to physical resources, provide run time isolation among resident VMs and enable a virtual network that provides security-preserving communication flow among the VMs and between the VMs and the external network. The architecture of a hypervisor can be classified in different ways. The security recommendations in this document relate to ensuring the secure execution of baseline functions of the hypervisor and are therefore agnostic to the hypervisor architecture. Further, the recommendations are in the context of a hypervisor deployed for server virtualization and not for other use cases such as embedded systems and desktops. Recommendations for secure configuration of a virtual network are dealt with in a separate NIST document (Special Publication 800-125B).

Keywords

Virtualization; Hypervisor; Virtual Machine; Virtual Network; Secure Configuration; Security Monitoring; Guest OS

Control Families

None selected

Documentation

Publication:
Draft SP 800-125A Rev. 1 (pdf)

Supplemental Material:
Markup copy (pdf)

Other Parts of this Publication:
SP 800-125
SP 800-125B

Document History:
04/11/18: SP 800-125A Rev. 1 (Draft)
06/07/18: SP 800-125A Rev. 1 (Final)

Topics

Security and Privacy

planning

Technologies

cloud & virtualization, servers

Laws and Regulations

OMB Circular A-130