Bart Miller – October 22 nd, 2012.  TCB & Threat Model  Xen Platform  Xoar Architecture Overview  Xoar Components  Design Goals  Results  Security.

Slides:



Advertisements
Similar presentations
Information Security Domains Computer Operations Security By: Shafi Alassmi Instructor: Francis G. Date: Sep 22, 2010.
Advertisements

Secure Virtual Machine Execution Under an Untrusted Management OS Chunxiao Li Anand Raghunathan Niraj K. Jha.
Unmodified Device Driver Reuse and Improved System Dependability via Virtual Machines J. LeVasseur V. Uhlig J. Stoess S. G¨otz University of Karlsruhe,
Ian Pratt SVP, Products Bromium Inc.
Virtual Switching Without a Hypervisor for a More Secure Cloud Xin Jin Princeton University Joint work with Eric Keller(UPenn) and Jennifer Rexford(Princeton)
Virtual Machine Technology Dr. Gregor von Laszewski Dr. Lizhe Wang.
Breaking Up is Hard to Do Security and Functionality in a Commodity Hypervisor 1 Patrick Colp†, Mihir Nanavati†, Jun Zhu‡ William Aiello†, George Coker*,
Trusted Ring: A Security Enhancing Software Architecture Michael DiRossi, Inventor The Johns Hopkins University Applied Physics Laboratory.
Ensuring Operating System Kernel Integrity with OSck By Owen S. Hofmann Alan M. Dunn Sangman Kim Indrajit Roy Emmett Witchel Kent State University College.
Virtualization and Cloud Computing. Definition Virtualization is the ability to run multiple operating systems on a single physical system and share the.
 Max Planck Institute for Software Systems Towards trusted cloud computing Nuno Santos, Krishna P. Gummadi, and Rodrigo Rodrigues MPI-SWS.
ROOTKIT VIRUS by Himanshu Mishra Points to be covered Introduction History Uses Classification Installation and Cloaking Detection Removal.
Sony White House Anthem Lockheed Aramco Bushehr nuclear reactor NSA Hacked Facebook Hacked Apple,Google,Microsoft,
Server Virtualization Gina Myers. Definition Creating virtual machines (VMs) “VMs are software entities that emulate a real machine’s functionality” ◦
A. Frank - P. Weisberg Operating Systems Structure of Operating Systems.
Virtual Machine approach to Security Gautam Prasad and Sudeep Pradhan 10/05/2010 CS 239 UCLA.
Virtual Machine Security Summer 2013 Presented by: Rostislav Pogrebinsky.
Xen and the Art of Virtualization. Introduction  Challenges to build virtual machines Performance isolation  Scheduling priority  Memory demand  Network.
Virtualization: An Overview Brendan Lynch. Forms of virtualization In all cases virtualization is taking a physical component and simulating the interface.
Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.
Microkernels, virtualization, exokernels Tutorial 1 – CSC469.
Jakub Szefer, Eric Keller, Ruby B. Lee Jennifer Rexford Princeton University CCS October, 2011 報告人:張逸文.
Security Architecture
Virtualization Concepts Presented by: Mariano Diaz.
Benefits: Increased server utilization Reduced IT TCO Improved IT agility.
Three fundamental concepts in computer security: Reference Monitors: An access control concept that refers to an abstract machine that mediates all accesses.
Improving Network I/O Virtualization for Cloud Computing.
Cosc 4010 Sandboxing. Last lecture Last time, we covered chroot, which is a method to "sandbox" a problem. –Not full proof by any means. Many simple mistakes.
Virtual Machine Security Systems Presented by Long Song 08/01/2013 Xin Zhao, Kevin Borders, Atul Prakash.
Politecnico di Torino Dipartimento di Automatica ed Informatica TORSEC Group Performance of Xen’s Secured Virtual Networks Emanuele Cesena Paolo Carlo.
COMS E Cloud Computing and Data Center Networking Sambit Sahu
CS533 Concepts of Operating Systems Jonathan Walpole.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 1 Security Architecture.
G53SEC 1 Reference Monitors Enforcement of Access Control.
Copyright © cs-tutorial.com. Overview Introduction Architecture Implementation Evaluation.
Presented by: Reem Alshahrani. Outlines What is Virtualization Virtual environment components Advantages Security Challenges in virtualized environments.
Self-service Cloud Computing Presented by: Yu Bai (ybai181) Butt, S., Lagar-Cavilla, H. A., Srivastava, A., & Ganapathy, V. (2012, October). Self-service.
The xCloud and Design Alternatives Presented by Lavone Rodolph.
Improving Xen Security through Disaggregation Derek MurrayGrzegorz MilosSteven Hand.
Operating Systems Security
A. Frank - P. Weisberg Operating Systems Structure of Operating Systems.
Security Vulnerabilities in A Virtual Environment
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 1 Security Architecture.
Full and Para Virtualization
© Copyright 2011 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Restricted Module 7.
DATA COMPROMISE Controlling the flow of sensitive electronic information remains a major challenge, ranging from theft to accidental violation of policies.
Enforcing Executing-Implies-Verified with the Integrity-Aware Processor Michael LeMay Carl A. Gunter University of Illinois at Urbana-Champaign Modified.
Protection of Processes Security and privacy of data is challenging currently. Protecting information – Not limited to hardware. – Depends on innovation.
Software Security CSE 545 – Software Security Spring 2016 Adam Doupé Arizona State University
Module 7: Designing Security for Accounts and Services.
Ms. Tracy  Identify the purpose of an operating system.  Identify different operating systems.  Describe computer user interaction with multiple.
Security-Enhanced Linux Stephanie Stelling Center for Information Security Department of Computer Science University of Tulsa, Tulsa, OK
PREPARED BY: MS. ANGELA R.ICO & MS. AILEEN E. QUITNO (MSE-COE) COURSE TITLE: OPERATING SYSTEM PROF. GISELA MAY A. ALBANO PREPARED BY: MS. ANGELA R.ICO.
Computer Science Infrastructure Security for Virtual Cloud Computing Peng Ning 04/08/111BITS/ Financial Services Roundtable Supported by the US National.
Chapter 9 – Cloud Security. Contents Security in an interconnected world, cloud security risks. Attacks in a cloud environment, top threats. Security,
Virtualization for Cloud Computing
Virtualization.
Securing Network Servers
Breaking Up is Hard to Do
Why VT-d Direct memory access (DMA) is a method that allows an input/output (I/O) device to send or receive data directly to or from the main memory, bypassing.
Presented by Yoon-Soo Lee
The changing of the guard
Device Guard: AppLocker on steroids
By Dunlap, King, Cinar, Basrai, Chen
I'm Kenichi Kourai from Kyushu Institute of Technology.
Shielding applications from an untrusted cloud with Haven
PLANNING A SECURE BASELINE INSTALLATION
First Principles of Cybersecurity
Presentation transcript:

Bart Miller – October 22 nd, 2012

 TCB & Threat Model  Xen Platform  Xoar Architecture Overview  Xoar Components  Design Goals  Results  Security  Vulnerability Mitigation  Performance

 Trusted Computing Base is defined as “the totality of protection mechanisms within a computer system – including hardware, firmware, and software – the combination of which is responsible for enforcing a security policy.”  Xen, by virtue of privilege, is part of the TCB

 In Xen, all components operate under a monolithic trust domain  Compromise of any component yields two benefits:  Gain privilege level of component  Access its interfaces to other components

 Assumption #1: Administrators are not a concern  Business imperative  Assumption #2: Malicious guest VM  Violate data integrity or confidentiality  Exploiting code  Assumption #3: The control VM will contain bugs

 Device drivers  Virtualized, passed-through, or emulated  XenStore  Hierarchical key-value store  System-wide registry  Most critical component ▪ Vulnerable to DoS attacks ▪ Perform most administrative operations

 Toolstack  Administrative functions  Create, destroy, managing resources and privilege for guest VMs  System Boot  Starts DomO process, initialize hardware

 Reduce privilege  Each component should only have the privileges essential to its purpose  Each component should only expose interfaces when necessary

 Reduce sharing  Sharing components should be avoided wherever it is reasonable  Any sharing of components must be explicit  Allows for logging and auditing in the event of a compromise

 Reduce staleness  A component should only run for as long as it needs to perform its task.  It should be restored to a known, good state as frequently as practicable.

 Reduced TCB  Bootstrapper, PCIBack, and Builder are most privileged components  Bootstrapper and PCIBack destroyed once initialized  TCB reduced ▪ Linux: 7.6M LoC ▪ Builder: 13,5k LoC (Builder)

 Solved through isolation  Device Emulation  Virtualized Drivers  XenStore, re-written  Hypervisor vulnerabilities remain

 Test system  Ca server  Quad-core Xeon, 4Gb RAM  All virtualization features enabled  Memory overhead  512Mb – 896Mb in Xoar vs.  750Mb in XenServer

 Any questions?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.