Initial version
1.4 KiB
layout | title | permalink |
---|---|---|
wiki | SecurityGoals | /wiki/SecurityGoals/ |
Qubes Security Goals
Qubes implements Security by Isolation approach by providing a user with ability to easily creates many security domains. Those domains are implemented as lightweight Virtual Machines (VMs) running under the Xen hypervisor. Qubes main objective is to provide strong isolation between those domains, so that even if the attacker compromise one of the domain, others are still safe. Qubes, however, does not attempt to provide any security isolation for applications that run within the same domain.
E.g. a buggy web browser running in one of the Qubes domains could still be compromised just as easily as on regular Linux OS. The difference that Qubes makes is that now the attacker doesn't have access to all the other software running in other domains.
Qubes also provides a number of mechanisms that makes it easy and convenient for the user to run multiply domains, such as seamless GUI integration on one common desktop, secure clipboard copy and paste between domains, secure file transfer between domains, disposable VMs, etc. Qubes also provides advanced networking infrastructure that allows for creation of multiple network VMs (that isolate all the world-facing networking stacks) and proxy VMs that could be used for advanced VPN and tunnelling over untrusted connections.