Setting the Standard for Mobile Virtualization
Posted: August 19, 2011
By Jonas Martinsson, Product Manager, Red Bend Software
Mobile virtualization will have a significant impact on how we use mobile phones in the very near future. By applying the same virtualization technology that redefined the cloud server market to the mobile market, interesting new use cases emerge, including:
- Provisioning of enterprise apps and data on a private phone with separate characteristics and secure separation between the personal and business domains
- Manufacturing of sub-$100 Android devices with one single-core processor for both the modem stack and the operating system
- Aggregation of computerized automotive systems, such as in-vehicle infotainment systems, to create a manageable platform for connected cars.
This is just scratching the surface of what mobile virtualization can deliver to the mobile market, today and going forward.
The concept of the Secure Enterprise Domain is attracting attention from operators and enterprises alike. Today, it is a common practice for employees to keep confidential corporate data, such as documents, presentations, e-mail, calendar, contacts, and customer data, on their privately owned devices. This amalgamation of personal and enterprise usage opens up a can of worms. There is a very real risk that confidential corporate data could fall into the wrong hands if the device is stolen or if the user unintentionally installs a malware-infected app. In addition, the end user's personal data is at risk of being wiped from the device by the administrator of the enterprise Microsoft Exchange Server.
Mobile virtualization cannot solve these problems by itself. The management authority also needs to control these domains on end users’ devices, while taking advantage of current infrastructure and protocol investments for device management.
Mobile virtualization is a rapidly maturing market, and there are several products already on the market, such as Red Bend’s VLX product as well as offerings from VMware, OK Labs and others. Analysts foresee a bright future for the technology and major manufacturers and operators are already running advanced trials. Another strong indicator that the mobile virtualization market is going mainstream is the full hardware virtualization support in the ARM Cortex-A15 processor, scheduled for release later this year. Expect to see silicon from leading Cortex-A15 licensees during 2012 and handsets hitting the market shortly thereafter.
With this in mind, we at Red Bend believe it is time to standardize a client-server protocol for over-the-air management of virtualized domains. This will not be the first virtualization standard. DMTF, a standards-developing organization, specifies the Open Virtualization Format (OVF), which it describes as “an open, secure, portable, efficient and extensible format for the packaging and distribution of software to be run in virtual machines.” OVF does not target the management of virtual machines (or domains) in a distributed environment with interoperability concerns between server and device. For that reason, Red Bend proposed the Virtualization Management Object (Virtualization MO) to the Open Mobile Alliance (OMA) as a new Work Item.
The Virtualization MO enables a management authority, such as an enterprise or a mobile network operator, to provision and manage device domains over the air. The Virtualization MO is an enabler for the OMA DM protocol, and shares common architectural ground with the Gateway MO, which is expected to reach candidate status later this year. Both MOs handle the delegation of commands to end devices behind a gateway (or a hypervisor, in the case of virtualization). However, because of the fundamental differences in the scope of these enablers, it is preferable that the virtualization-specific nodes reside in a Virtualization MO branch of the DM tree, and are specified as separate management objects. Gateway MO will still be used for the bootstrap and notification use cases.
For the rest of the scenarios, the Virtualization MO specifies its own framework. The scope of the specification includes enabling the DM server to:
- Manage domains, including creating, deleting and cloning domains
- Lock and unlock domains
- Manage the domain state, including starting, stopping, pausing and resuming a domain
- Manage the system resources allocated to a domain, such as available RAM, Quality of Service (CPU and network), as well as transferring resources between domains
- Manage peripheral access, such as making and receiving voice calls, accessing Bluetooth, GPS, Wi-Fi, external memory cards, NFC, etc.
With this scope, the Virtualization MO will serve as a valuable platform for operators that want to build innovative and interoperable services leveraging exciting new mobile virtualization use cases, while continuing to build upon their existing infrastructure assets and investments in OMA DM.
The Device Management (DM) working group would develop the Virtualization MO specification with involvement by the Requirements and Architecture working groups as appropriate. The Work Item is registered with OMA as WID 0250, and was socialized in June 2011 at the Budapest face-to-face meeting with the DM, Requirements and Release Management working groups, as well as with the Technical Plenary. The official proposal for Virtualization MO is available in the material submitted to OMA.
With the support of more OMA member companies, we will be able to gain approval for the Virtualization MO and build a practical virtualization standard for the future. Our suggested plan is to make the Virtualization MO specification available as a Candidate release at the beginning of 2013. If you find mobile virtualization as impressive and game-changing as we at Red Bend do, and you would like to work with us and OMA to define the future standard, please drop me a line at firstname.lastname@example.org.