Workload Security

Virtualization Security

Hypervisors, containers, virtual storage, and SDN are all virtualization systems. The threats highlighted in the NIAP base virtualization protection profile apply equally to containers, virtualized storage, and SDN. Because the threats are the same, the countermeasures, i.e. the security functions that counter those threats, are also the same for these virtualized systems. What differs is the assurance tests that validate the Security Functions (SFRs) in the context of each component, i.e. hypervisors, containers, virtual storage, and SDN, which virtualize CPU & memory, storage, and network, respectively.

The picture below (derived from the NIAP Virtualization Base PP) shows the generalized concept of a virtualization system:

[Figure: VMware Virtualization Security]

Isolation is the core security property of Virtualization Systems.  Isolation is a property.

Properties cannot be tested on computer systems, but Security Functions can be tested through well-defined assurance activities. In fact, isolation is an emergent property of the Access Control and Data Protection security functions. There are well-defined Common Criteria Security Functions for Access Control and Data Protection.

Access Control prevents access to a logical unit unless it has been explicitly granted. To enforce Access Control, a Virtualization System needs to maintain sufficient meta-data, and that meta-data itself needs to be protected. Data Protection provides this meta-data protection. These two are the only Security Functions needed: together they are necessary and sufficient to ensure the emergent isolation security property.
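The argument above as an added sketch (not code from the NIAP profile or from any product): a hypothetical reference monitor denies access to a logical unit unless it was explicitly granted, and authenticates its grant table with an HMAC so that altered meta-data fails closed. The class names, guest names, and unit labels are constructed for illustration.

```python
import hashlib, hmac, json, os

class MetadataTampered(Exception):
    """Raised when the grant table no longer matches its MAC."""

class ReferenceMonitor:
    """Hypothetical virtualization system: default-deny grants over logical units."""

    def __init__(self):
        self._key = os.urandom(32)   # assumption: key is reachable only by the monitor
        self._grants = set()         # meta-data: (guest, logical unit) pairs
        self._tag = self._mac()

    def _mac(self):
        # Data Protection: HMAC-SHA256 over a canonical encoding of the grant table.
        blob = json.dumps(sorted(self._grants)).encode()
        return hmac.new(self._key, blob, hashlib.sha256).digest()

    def _verify(self):
        if not hmac.compare_digest(self._tag, self._mac()):
            raise MetadataTampered("grant table failed its integrity check")

    def grant(self, guest, unit):
        self._verify()               # never extend a table that is already corrupt
        self._grants.add((guest, unit))
        self._tag = self._mac()

    def access(self, guest, unit):
        # Access Control: allowed only if explicitly granted; fail closed on bad meta-data.
        self._verify()
        return (guest, unit) in self._grants

def demo():
    """Constructed scenario: two guests, three kinds of logical unit."""
    rm = ReferenceMonitor()
    rm.grant("guest-a", "mem:page-17")      # hypervisor-style unit
    rm.grant("guest-a", "vol:disk-3")       # virtual storage unit
    rm.grant("guest-b", "net:segment-9")    # SDN-style unit
    out = {
        "own_unit": rm.access("guest-a", "mem:page-17"),
        "other_guest_unit": rm.access("guest-b", "mem:page-17"),
    }
    rm._grants.add(("guest-b", "mem:page-17"))  # meta-data changed behind the monitor
    try:
        rm.access("guest-b", "mem:page-17")
        out["tamper_detected"] = False
    except MetadataTampered:
        out["tamper_detected"] = True
    return out
```

Without the integrity check, the direct change to the grant table would silently give guest-b access to guest-a's memory page, which is why the access decision depends on both functions.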

Hence, one can define a single Common Criteria Protection Profile that covers the Security Functions for hypervisors, containers, virtual storage systems, and SDN.