Original upload: 2021 Jun 01
A New Role Model for Xen – Daniel Smith, Apertus Solutions, LLC
Xen is the only type-1 hypervisor with a flexible security architecture, Xen Security Modules (XSM). This talk will present the existing role model, a review of XSM, and improvements to the security model. The default security model for Xen enables a domain to assume a subset of the following roles: Control, Hardware, Xenstore and Device Model. Embedded systems often require a statically partitioned system with a guarantee that no new domains can be started (i.e. no control domain). However, inconsistency in domain roles makes it difficult to specify rules for static partitioning with PCI passthrough. Hyperlaunch improves the launch integrity and simplifies the security configuration of disaggregated Xen-based systems. To facilitate this, the existing role system is being reevaluated and a new role model will be proposed in this session.
For more info about the Xen Project, which is focused on advancing virtualization in a number of different commercial and open source applications, including server virtualization, Infrastructure as a services (IaaS), desktop virtualization, security applications, embedded and hardware appliances, and automotive/aviation, see: or @XenprojectOrg for more videos.
[ad_2]
source
