Wave Systems Corp. (NASDAQ:WAVX www.wave.com) and LynuxWorksTM today announced their collaboration on the use of a self-encrypting hard drive to provide data-at-rest protection alongside the LynxSecure separation kernel and hypervisor securely running multiple operating systems on a PC. This capability is significant because it solves the complexity and performance issues typically associated with encrypting data on virtual machines running different operating systems. The demonstration takes place this week at the National Security Agency's (NSA) Trusted Computing Conference and Exposition (Orlando, September 14-16) and again at the Embedded Systems Conference (Boston, September 21-22).
Virtualization allows IT to run multiple virtual machines on a single physical machine. Each virtual machine shares the resources of a single computer across multiple environments, allowing different operating systems and multiple applications to run simultaneously. Although virtualization technology isn't new, it's becoming increasingly viable as computing becomes more powerful and disk capacity increases. Secure virtualization helps to partition traditionally unsecure environments like Internet browsing from corporate applications and data that are housed on the same PC.
The use of virtualization in a laptop (made possible via a component called a hypervisor) can make it difficult to protect data using software encryption, which is a key method for securing data on laptops against theft. A separate software encryption program must run on each virtual machine. Self-encrypting hard drives (SEDs) are a better option; they are more secure and because encryption is "built in," data is protected at all times, regardless of which virtual machine or operating system is used. The result: laptop data is always protected if a device is lost or stolen. The combination of an SED with a secure virtualization solution could offer laptop users the best of both worlds. As many companies are evaluating client-side virtualization as part of their overall security strategy, SEDs should be given strong consideration.
Demonstration in Focus: Two Operating Systems, One Laptop + One SED
For their demonstrations, Wave and LynuxWorks will use an off-the-shelf Dell Latitude equipped with a Seagate FIPS Level-2-compliant SED managed by Wave's EMBASSY® Trusted Drive Manager. Trusted Drive Manager will run within a Windows virtual machine managed by the LynuxWorks' LynxSecure hypervisor. Another operating system, either Linux or Google Chrome, will also run simultaneously on the laptop and provide a domain used for browsing and accessing the open Internet, without compromising the Windows virtual machine. With this configuration, the SED can be fully provisioned and managed on the laptop and Wave's enterprise management software can prove encryption is in place at all times to ensure regulatory compliance.
"There is tremendous benefit in combining industry-standard hardware encryption with secure virtualization technology," said Gurjot Singh, CEO and President of LynuxWorks. "The two technologies help to protect the important data that resides on a laptop either at rest or while on-line, and represents a huge leap forward in safeguarding information from physical or cyber crime."
"LynuxWorks is a first mover in the secure hypervisor virtualization field, as they immediately appreciated the value of secure drive technology and its applications to the enterprise," said Dr. Robert Thibadeau, Wave's Chief Scientist and Senior Vice President. "In addition to managing an SED on a hypervisor-controlled laptop, we'll showcase some additional security features—notably the capability for containing cyber attacks, and isolating the open Internet from corporate applications and data. We're excited to show these capabilities and more."
LynuxWorks, a world leader in the embedded software market, is committed to providing open and reliable real-time operating systems (RTOS) and software tools. The company's LynxOS family of operating systems offer open standards with the highest level of safety and security features, enabling many mission-critical systems in defense, avionics and other industries. The latest product in the portfolio, the award-winning LynxSecure, offers a secure separation kernel and embedded hypervisor that forms a platform for the development of high-assurance systems. Since it was established in 1988, LynuxWorks has created technology that has been successfully deployed in thousands of designs and millions of products made by leading communications, avionics, aerospace/defense, and consumer electronics companies. LynuxWorks' headquarters are located in San Jose, California.