Abstract
Virtualization has gained great popularity in recent years with application virtualization being the latest trend. Application virtualization offers several benefits for application management, especially for larger and dynamic deployment scenarios. In this paper, we initially introduce the common application virtualization principles before we evaluate the security of Microsoft App-V and VMware ThinApp application virtualization environments with respect to external security threats. We compare different user account privileges and levels of sandboxing for virtualized applications. Furtherwmore, we identify the major security risks as well as trade-offs with ease of use that result from the virtualization of applications.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
M. Tulloch et al., Understanding Microsoft Virtualization Solutions: From the Desktop to the Datacenter. Microsoft Press, 2009.
Microsoft, Inc., “Microsoft application virtualization (app-v) 4.5.” [Online]. Available: http://www.microsoft.com/systemcenter/appv/default.mspx
VMware, Inc., “Vmware thinapp 4.03.” [Online]. Available: http://www.vmware.com/products/thinapp/
Y. Yu, F. Guo, S. Nanda, L.-C. Lam, and T.-C. Chiueh, “A featherweight virtual machine for windows applications,” in Proceedings of the 2nd international Conference on Virtual Execution Environments (VEE), 2006, pp. 24–34.
N. Ruest and D. Ruest, Virtualization, A Beginner’s Guide. McGraw-Hill, Mar. 2009.
S. T. King and S. W. Smith, “Virtualization and security: Back to the future,” IEEE Security and Privacy, vol. 6, no. 5, p. 15, Sep. 2008.
R. Perez, L. van Doorn, and R. Sailer, “Virtualization and hardware-based security,” IEEE Security and Privacy, vol. 6, no. 5, pp. 24–31, Sep. 2008.
S. J. Vaughan-Nichols, “Virtualization sparks security concerns,” Computer, vol. 41, no. 8, pp. 13–15, 2008.
E. Ray and E. Schultz, “Virtualization security,” in Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research (CSIIRW), Apr. 2009, pp. 1–5.
Microsoft, Inc., App-V Security Best Practices, Sep. 2008.
——, App-V Security Operations Guide, Sep. 2008.
VMware, Inc., ThinApp Users Guide -ThinApp 4.0.3, 2009.
A. Sabri and K. Shah, “Take your apps virtual with microsoft softgrid,” Microsoft TechNet Magazine, Aug. 2007. [Online]. Available: http://technet.microsoft.com/en-us/magazine/2007.08.softgrid.aspx
Metasploit LLC, “The metasploit project.” [Online]. Available: http://www.metasploit.com/
D. Maynor, Metasploit Toolkit for Penetration Testing, Exploit Development, and Vulnerability Research. Syngress, Oct. 2007.
R. Tzur, “Sandboxie 3.4,” Sep. 2009. [Online]. Available: http://www.sandboxie.com
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer Science+Business Media B.V.
About this paper
Cite this paper
Hoppe, M., Seeling, P. (2010). Security of Virtualized Applications: Microsoft App-V and VMware ThinApp. In: Sobh, T., Elleithy, K. (eds) Innovations in Computing Sciences and Software Engineering. Springer, Dordrecht. https://doi.org/10.1007/978-90-481-9112-3_49
Download citation
DOI: https://doi.org/10.1007/978-90-481-9112-3_49
Published:
Publisher Name: Springer, Dordrecht
Print ISBN: 978-90-481-9111-6
Online ISBN: 978-90-481-9112-3
eBook Packages: Computer ScienceComputer Science (R0)