add papers & references

Author: transpute

_includes/footer.html

@@ -22,7 +22,6 @@ <h2 class="footer-heading">{{ site.title }}</h2>
           </li>
           {% endif %}
 
-
           {% if site.github_wikipath %}
           <li>
             <a href="https://github.com/{{ site.github_wikipath }}">
@@ -36,6 +35,17 @@ <h2 class="footer-heading">{{ site.title }}</h2>
           </li>
           {% endif %}
 
+          {% if site.jira_url %}
+          <li>
+            <a href="{{ site.jira_url }}">
+              <span class="icon  icon--github">
+		<img width=16 src="{{ site.baseurl }}/images/jira.png">
+              </span>
+              <span class="username">JIRA</span>
+            </a>
+          </li>
+          {% endif %}
+
           {% if site.googlegroup %}
           <li>
             <a href="https://groups.google.com/forum/#!forum/{{ site.googlegroup }}">

development.md

@@ -6,7 +6,7 @@ permalink: /development/
 
 Please read the [contribution](https://github.com/OpenXT/openxt/wiki/Contributing) guidelines. There are 50+ source repositories on [Github](https://github.com/openxt), with [build instructions](https://github.com/OpenXT/openxt/wiki/How%20to%20build%20OpenXT).  Issues and enhancements are tracked in [JIRA](https://openxt.atlassian.net).
 
-The documents below are dated, especially with respect to video architecture, but may be useful to new developers.  They need to be converted to the Github wiki and edited to revise or remove dated sections.
+The documents below are dated, especially with respect to video architecture, but may be useful to new developers.  They will be converted to the Github wiki and edited to revise or remove dated sections.
 
 + [OpenXT Architecture Guide](https://github.com/OpenXT-Extras/docs/blob/master/XTArchitectureGuide.pdf?raw=true)
 + [OpenXT Appliance Developer Guide](https://github.com/OpenXT-Extras/docs/blob/master/XTEngineDeveloperGuide.pdf?raw=true)

history.md

@@ -6,36 +6,47 @@ permalink: /history/
 
 ## Ecosystem
 
-2014 LinuxCon NA, [Security in the Cloud: Xen, KVM, Containers](http://www.slideshare.net/xen_com_mgr/lcna14-security-of-virtualization-solutions), *George Dunlap*
+2014
 
-2014 Xen Summit, [Security and the Properties of a Xen Virtualization Platform](http://www.slideshare.net/xen_com_mgr/tricca-xen-summit2014), *Philip Tricca*.
+* LinuxCon NA, [Security in the Cloud: Xen, KVM, Containers](http://www.slideshare.net/xen_com_mgr/lcna14-security-of-virtualization-solutions), *George Dunlap*
 
-2013 LinuxCon EU, [Securing your cloud with Xen's advanced security features](http://www.slideshare.net/xen_com_mgr/lceu13-securing-your-cloud-with-xens-advanced-security-features-ge), *George Dunlap* ([video](http://www.youtube.com/watch?v=fvW3kzl-bfY))
+* Xen Summit, [Security and the Properties of a Xen Virtualization Platform](http://www.slideshare.net/xen_com_mgr/tricca-xen-summit2014), *Philip Tricca*.
 
-2013 Xen Summit, [In-Guest Mechanisms to Strengthen Guest Separation](http://www.slideshare.net/xen_com_mgr/xen-summit-2013triccastrengthen-guest-separation), *Philip Tricca*
+2013
 
-2013 Xen Summit, [Secure Server Project](http://www.slideshare.net/xen_com_mgr/xen-summit2013-secureserverproject), *Jason Sonnek* ([video](http://www.youtube.com/watch?v=v_RJZTFcKoc))
+* LinuxCon EU, [Securing your cloud with Xen's advanced security features](http://www.slideshare.net/xen_com_mgr/lceu13-securing-your-cloud-with-xens-advanced-security-features-ge), *George Dunlap* ([video](http://www.youtube.com/watch?v=fvW3kzl-bfY))
+
+* Xen Summit, [In-Guest Mechanisms to Strengthen Guest Separation](http://www.slideshare.net/xen_com_mgr/xen-summit-2013triccastrengthen-guest-separation), *Philip Tricca*
+
+* Xen Summit, [Secure Server Project](http://www.slideshare.net/xen_com_mgr/xen-summit2013-secureserverproject), *Jason Sonnek* ([video](http://www.youtube.com/watch?v=v_RJZTFcKoc))
 
 > Multi-Level (MLS) Hypervisor for Server 
 
-2012 Xen Summit, [μ-Xen](http://www.slideshare.net/xen_com_mgr/xen-14203926), *Ian Pratt*
+2012 
+
+* Xen Summit, [μ-Xen](http://www.slideshare.net/xen_com_mgr/xen-14203926), *Ian Pratt*
 
 > Micro-Virtualization, Type-2 Hypervisor, VM Fork, Deprivileged Windows Host 
 
-2012 Xen Summit, [Xen and Client Virtualization: the case of XenClient XT](http://www.slideshare.net/xen_com_mgr/xen-and-client-virtualization-the-case-of-xenclient-xt), *Gianluca Guida*
+* Xen Summit, [Xen and Client Virtualization: the case of XenClient XT](http://www.slideshare.net/xen_com_mgr/xen-and-client-virtualization-the-case-of-xenclient-xt), *Gianluca Guida*
 
 > Client Virtualization, VPN VM, Linux Stub Domains, Graphics Virtualization, Inter-VM Communication, SE Linux, Xen Security Modules (XSM), Dynamic Root of Trust Measurement (DRTM), Service VMs, Intel VT-d, Intel TXT.
 
-2010 [Qubes OS Architecture](http://files.qubes-os.org/files/doc/arch-spec-0.3.pdf), *Joanna Rutkowska*
+2010 
+
+* [Qubes OS Architecture](http://files.qubes-os.org/files/doc/arch-spec-0.3.pdf), *Joanna Rutkowska*
 
 > Secure GUI, Secure networking, Secure storage, Analysis of potential attack vectors
 
-2007 Xen Summit, [Trusted Boot: Verifying the Xen Launch](http://www-archive.xenproject.org/files/xensummit_fall07/23_JosephCihula.pdf), *Joseph Cihula*
+2007 
 
+* Xen Summit, [Trusted Boot: Verifying the Xen Launch](http://www-archive.xenproject.org/files/xensummit_fall07/23_JosephCihula.pdf), *Joseph Cihula*
 
 ## Research
 
-2011 ACM Symposium on Operating Systems Principles, [Breaking Up is Hard to Do: Security and Functionality in a Commodity Hypervisor](http://www.cs.ubc.ca/~andy/papers/xoar-sosp-final.pdf), *Patrick Colp et al.*
+2011 
+
+* ACM Symposium on Operating Systems Principles, [Breaking Up is Hard to Do: Security and Functionality in a Commodity Hypervisor](http://www.cs.ubc.ca/~andy/papers/xoar-sosp-final.pdf), *Patrick Colp et al.*
 
 > "We present Xoar, a modified version of Xen that retrofits the modularity and 
 isolation principles used in microkernels onto a mature virtualization platform. 
@@ -45,14 +56,35 @@ benefits: sharing of service components by guests is configurable and auditable,
 making exposure to risk explicit, and access to the hypervisor is restricted 
 to the least privilege required for each component."
 
-2008 ACM Conference on Virtual Execution Environments, [Improving Xen Security through Disaggregation](https://www.cl.cam.ac.uk/research/srg/netos/papers/2008-murray2008improving.pdf), *Derek Murray et al.*
+2008 
+
+* ACM Conference on Virtual Execution Environments, [Improving Xen Security through Disaggregation](https://www.cl.cam.ac.uk/research/srg/netos/papers/2008-murray2008improving.pdf), *Derek Murray et al.*
 
 > "We introduce our work to disaggregate the management virtual machine 
 in a Xen-based system ... moves
 the domain builder, the most important privileged component, into a minimal 
 trusted compartment. We illustrate how this approach may be used to implement 
 “trusted virtualisation” and improve the security of virtual TPM implementations. 
 
-2006 USENIX Security, [Virtualizing the trusted platform module](https://www.usenix.org/event/sec06/tech/full_papers/berger/berger.pdf), *Stefan Berger et al.*
+2007
+
+* ACM Workshop on New Security Paradigms, [Robustly Secure Computer Systems: A new security paradigm of system discontinuity](http://parsys.eecs.uic.edu/~solworth/solworth07systemDiscontinuity.pdf), *Jon A. Solworth*
+
+2006 
+
+* *Computer* magazine, [Can We Make Operating Systems Reliable and Secure?](http://www.cs.vu.nl/~ast/publications/computer-2006a.pdf), *Andrew S. Tanenbaum et al.*
+* USENIX Security, [Virtualizing the Trusted Platform Module](https://www.usenix.org/event/sec06/tech/full_papers/berger/berger.pdf), *Stefan Berger et al.*
+
+2003
+
+* ACM Symposium on Operating Systems Principles, [Xen and the Art of Virtualization](http://www.cl.cam.ac.uk/research/srg/netos/papers/2003-xensosp.pdf), *Paul Barham et al.*
+
+> "This paper presents Xen, an x86 virtual machine monitor which allows multiple commodity operating systems to share conventional hardware in a safe and resource managed fashion, but without sacricing either performance or functionality."
+
+1998 
+
+* USENIX Security, [The Flask Security Architecture: System Support for Diverse Security Policies](https://www.cs.cmu.edu/~dga/papers/flask-usenixsec99.pdf), *Ray Spencer et al.*
+
+1981
 
-1998 USENIX Security, [The flask security architecture: System support for diverse security policies](https://www.cs.cmu.edu/~dga/papers/flask-usenixsec99.pdf), *Ray Spencer et al.*
+* IBM Journal of Research & Development, [The Origin of the VM/370 Time-sharing System](http://lass.cs.umass.edu/~shenoy/courses/fall07/papers/vm370.pdf), *R.J. Creasy*

images/jira.png

@@ -22,6 +22,13 @@ permalink: /related/
 + [Research](https://qubes-os.org/wiki/QubesResearch)
 + [Users](https://groups.google.com/forum/#!forum/qubes-users) · [Developers](https://groups.google.com/forum/#!forum/qubes-devel) · [News](http://theinvisiblethings.blogspot.com/)
 
+# Docker
+
+> "... is an open platform for developers and sysadmins to build, ship, and run distributed applications ... Docker enables apps to be quickly assembled from components and eliminates the friction between development, QA, and production environments."
+
++ [History](http://en.wikipedia.org/wiki/Docker_%28software%29)
++ [Software](https://www.docker.com/), USA
+
 # Unikernels
 
 + C/Java: [Cloudius OSV](http://osv.io), *Israel*
@@ -36,18 +43,18 @@ permalink: /related/
 
 # Ethos OS
 
-> "... provides stronger security services which are more resistant to attack and abstractions which are less prone to abuse by attackers. As an example of the former, all networking in Ethos is encrypted, authenticated, and authorized. As an example of the latter, Ethos I/O is typed (as in programming languages) ensuring that I/O conforms to declared typed and thus preventing many attacks based on ill-formed input."
+> "... provides stronger security services which are more resistant to attack and abstractions which are less prone to abuse by attackers. As an example of the former, all networking in Ethos is encrypted, authenticated, and authorized. As an example of the latter, Ethos I/O is typed (as in programming languages) ensuring that I/O conforms to declared types and thus preventing many attacks based on ill-formed input."
 
 + [U of Illinois Research](https://www.ethos-os.org/), *USA*
 
 # Proprietary
 
-+ [Bromium vSentry](http://www.bromium.com/products/vsentry.html), *USA, UK*
++ [Bromium · vSentry](http://www.bromium.com/products/vsentry.html), *USA, UK*
 + [Cloudozer](http://cloudozer.com/) · [ Erlang on Xen](http://erlangonxen.org/), *UK, Germany*
-+ [Fox IT DataDiode](https://www.fox-it.com/en/products/datadiode/), *Netherlands*
-+ [Green Hills Integrity Multivisor](http://www.ghs.com/products/rtos/integrity_virtualization.html), *USA, UK*
++ [Fox IT · DataDiode](https://www.fox-it.com/en/products/datadiode/), *Netherlands*
++ [Green Hills · Integrity Multivisor](http://www.ghs.com/products/rtos/integrity_virtualization.html), *USA, UK*
 + [Moka5](http://www.moka5.com/), *USA*
-+ [Raytheon Trusted Thin Client](https://www.trustedcs.com/products/TrustedThinClient.html), *USA*
-+ [Secunet SINA Virtual Workstation](http://www.secunet.com/en/topics-solutions/high-security/sina/sina-workstation/), *Germany*
-+ [Tresys VMFortress](http://www.tresys.com/products/vm-fortress.php), *USA*
++ [Raytheon · Trusted Thin Client](https://www.trustedcs.com/products/TrustedThinClient.html), *USA*
++ [Secunet · SINA Virtual Workstation](http://www.secunet.com/en/topics-solutions/high-security/sina/sina-workstation/), *Germany*
++ [Tresys · VMFortress](http://www.tresys.com/products/vm-fortress.php), *USA*