Intro

Network path

Bootloader

Device model

Xen

Conclusion

Securing your cloud with Xen’s advanced security features
George Dunlap

Edinburgh – 21-23 October, 2013

Xen: an open-source, enterprise-grade, type I hypervisor
Built for the Cloud before it was called the Cloud

Advanced security features

Goal

Tools to think about security in Xen
Know some key security features of Xen
Equipped with the knowledge to get them working

Outline

Overview of the Xen architecture
Brief introduction to principles of security analysis
Consider some attack surfaces
Xen features we can use to make them more secure
  Driver domains
  pvgrub
  stub domains
  PV vs HVM
  FLASK example policy

Xen Architecture

[Diagram: dom 0 (toolstack, device model (qemu), hardware drivers, netback, blkback), a Paravirtualized (PV) Domain (netfront, blkfront) and a Fully Virtualized (HVM) Domain all run on the Xen Hypervisor, which sits on the hardware (I/O devices, CPU, memory).]

Security Overview

Threat Model
  Attacker can access guest network
  Attacker controls one guest OS

Security Overview

Security considerations
  How much code is accessible?
  What is the interface like?
  Defense-in-depth

Example System

Hardware setup
  Two networks: control network, guest network
  IOMMU with interrupt remapping (AMD or Intel VT-d v2)

Default configuration
  Network drivers in dom0
  PV guests with pygrub
  HVM guests with qemu running in domain 0

Attack surface: Network path

[Diagram: the Control NIC and the Guest NIC are driven by the NIC driver in dom 0, which also holds the toolstack, the bridge, iptables and netback. A Domain and a Rogue Domain each talk to netback through their own netfront, all on the Xen Hypervisor.]

How to break in?
  Bugs in hardware driver
  Bugs in bridging / filtering
  Bugs in netback via the ring protocol

What does it buy you?
  Control of domain 0 kernel
  Pretty much control of the whole system

Security feature: Driver Domains

[Diagram: dom 0 holds the toolstack and one NIC driver; a separate Driver Domain holds the other NIC driver together with iptables, the bridge and netback. The Domain and the Rogue Domain each connect through netfront to the Driver Domain, all on the Xen Hypervisor above the Control NIC and Guest NIC.]

What is it?
  Unprivileged VM which drives hardware, provides access to guests

Now an exploit buys you:
  Control of a PV VM (PV hypercall interface)
  Guest network traffic
  Control of NIC
  Opportunity to attack netfront of other guests

HowTo: Driver Domains

Create a VM with appropriate drivers
  Any distro supporting dom0 should do

Install the xen-related hotplug scripts
  Just installing the xen tools in the VM is usually good enough

Give the VM access to the physical NIC with PCI pass-through

Configure the network topology in the driver domain
  Just like you would for dom0

Configure the guest vif to use the new domain ID
  Add backend=domnet to vif declaration

  vif = [ 'type=pv, bridge=xenbr0, backend=domnet' ]

http://wiki.xen.org/wiki/Driver_Domain

Attack surface: Pygrub

[Diagram: in dom 0, the toolstack's domain builder runs pygrub, which reads the guest disk of the Paravirtualized (PV) Domain and hands the resulting kernel back to the domain builder, all on the Xen Hypervisor.]

What is it?
  grub implementation for PV guests
  Python program running in domain 0
  Reads guest FS, parses grub.conf, presents menu
  Passes resulting kernel image to domain builder

How to break in?
  Bugs in file system parser
  Bugs in menu parser
  Bugs in kernel / initrd image parsers

What does it buy you?
  Control of domain 0 user space
  Pretty much control of the whole system

Security practice: Fixed kernels

[Diagram: dom 0 holds a kernel image and the toolstack's domain builder, which boots the Paravirtualized (PV) Domain with its guest disk, all on the Xen Hypervisor.]

What is it?
  Passing a known-good kernel from domain 0
  Removes attacker avenue to domain builder

Disadvantages
  Host admin must keep up with kernel updates
  Guest admin can’t pass kernel parameters, custom kernels,

Security feature: pvgrub

[Diagram: the toolstack's domain builder in dom 0 starts pvgrub on MiniOS in a guest context, where it reads the guest disk, all on the Xen Hypervisor.]

What is it?
  MiniOS + pv port of grub running in a guest context
  PV equivalent of HVM “BIOS + grub”

Now an exploit buys you:
  Control of your own VM

HowTo: pvgrub

Make sure that you have the pvgrub image
  pvgrub-$ARCH.gz
  Normally lives in /usr/lib/xen/boot
  Included in Fedora Xen packages
  Debian-based: need to build yourself

Use appropriate pvgrub as kernel in guest config
  kernel="/usr/lib/xen/boot/pvgrub-x86_32.gz"

http://wiki.xen.org/wiki/Pvgrub
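
The two defaults listed under "Example System" (network backend in dom0, PV guests booted by pygrub in dom0) and the two HowTo slides above can be checked mechanically against an xl guest config. The shell audit below is an added example, not part of the talk or of the Xen tools; it assumes one key = value per line and a single-line vif = [ ... ] list, treats a vif entry without backend= as served by dom0's netback (the xl default), and writes two constructed sample configs (the driver domain name domnet is taken from the slides) to a temporary directory.

```shell
#!/bin/sh
# Added example, not from the talk or the Xen tools: audit an xl guest config
# for the two dom0-hosted attack surfaces discussed above (pygrub in dom0 and
# netback in dom0). Assumes one `key = value` per line and a single-line
# vif = [ ... ] list; a vif entry without backend= is served by dom0 (xl default).

# cfg_get KEY FILE: value of the first `KEY = value` line, quotes stripped.
cfg_get() {
    sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*[\"']\{0,1\}\([^\"']*\)[\"']\{0,1\}.*/\1/p" "$2" |
        head -n 1
}

# vif_entries FILE: print each quoted entry of the vif = [ ... ] list on its own line.
vif_entries() {
    sed -n 's/^[[:space:]]*vif[[:space:]]*=[[:space:]]*\[\(.*\)].*/\1/p' "$1" |
        awk -F "['\"]" '{ for (i = 2; i <= NF; i += 2) if ($i ~ /=/) print $i }'
}

# dom0_backed_vifs FILE: count of vif entries whose backend is dom0, either
# because backend= is absent or because it names dom0 explicitly.
dom0_backed_vifs() {
    vif_entries "$1" | awk '
        BEGIN { n = 0 }
        {
            be = ""
            m = split($0, kv, / *, */)
            for (j = 1; j <= m; j++)
                if (kv[j] ~ /^backend=/) be = substr(kv[j], 9)
            if (be == "" || be == "0" || be == "Domain-0") n++
        }
        END { print n }'
}

# boot_method FILE: pygrub | pvgrub | fixed-kernel | none
boot_method() {
    case "$(cfg_get bootloader "$1")" in
        *pygrub*) echo pygrub; return 0 ;;
    esac
    case "$(cfg_get kernel "$1")" in
        "") echo none ;;
        *pvgrub-*) echo pvgrub ;;
        *) echo fixed-kernel ;;
    esac
}

# audit_config FILE: print findings; exit 0 only when neither default applies.
audit_config() {
    problems=0
    method=$(boot_method "$1")
    case $method in
        pygrub)
            echo "$1: boots via pygrub, which parses the guest FS in dom0 userspace"
            problems=$((problems + 1)) ;;
        none)
            echo "$1: no kernel= or bootloader= found"
            problems=$((problems + 1)) ;;
        *)
            echo "$1: boot method '$method' parses no guest-controlled data in dom0" ;;
    esac
    n=$(dom0_backed_vifs "$1")
    if [ "$n" -gt 0 ]; then
        echo "$1: $n vif(s) served by netback in dom0; add backend=<driver domain>"
        problems=$((problems + 1))
    fi
    [ "$problems" -eq 0 ]
}

DEMO_DIR=$(mktemp -d)

# Constructed sample: the talk's "default configuration" (pygrub, vif on dom0).
cat > "$DEMO_DIR/default.cfg" <<'EOF'
name = "guest-default"
memory = 512
bootloader = "pygrub"
disk = [ 'phy:/dev/vg0/guest-default,xvda,w' ]
vif = [ 'bridge=xenbr0' ]
EOF

# Constructed sample: pvgrub as the kernel, vifs backed by driver domain domnet.
cat > "$DEMO_DIR/hardened.cfg" <<'EOF'
name = "guest-hardened"
memory = 512
kernel = "/usr/lib/xen/boot/pvgrub-x86_64.gz"
disk = [ 'phy:/dev/vg0/guest-hardened,xvda,w' ]
vif = [ 'type=pv, bridge=xenbr0, backend=domnet', 'type=pv, bridge=xenbr1, backend=domnet' ]
EOF

for f in "$DEMO_DIR/default.cfg" "$DEMO_DIR/hardened.cfg"; do
    if audit_config "$f"; then echo "$f: OK"; fi
done
```

Run it against real /etc/xen/*.cfg files to find guests still exposing dom0 through pygrub or a dom0-backed vif; a fixed kernel= (the "Fixed kernels" practice) also passes the boot check.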
Intro

Network path

Bootloader

Device model

Xen

Conclusion

Attack surface: Device model (qemu)
dom 0

device model
(qemu)
toolstack

Hardware
Drivers

Fully
Virtualized
(HVM)
Domain

Xen Hypervisor
How to break in?

Edinburgh – 21-23 October, 2013

Securing your cloud with Xen’s advanced security features

22 / 33
Intro

Network path

Bootloader

Device model

Xen

Conclusion

Attack surface: Device model (qemu)
dom 0

device model
(qemu)
toolstack
Fully
Virtualized
(HVM)
Domain

Hardware
Drivers

Xen Hypervisor
How to break in?
Bugs in NIC emulator parsing packets

Edinburgh – 21-23 October, 2013

Securing your cloud with Xen’s advanced security features

22 / 33
Intro

Network path

Bootloader

Device model

Xen

Conclusion

Attack surface: Device model (qemu)
dom 0

device model
(qemu)
toolstack
Fully
Virtualized
(HVM)
Domain

Hardware
Drivers

Xen Hypervisor
How to break in?
Bugs in NIC emulator parsing packets
Bugs in emulation of virtual devices

Attack surface: Device model (qemu)

[Diagram: same layout as above; the compromised component is qemu in dom0]

What does it buy you?
Domain 0 privileged userspace (qemu runs as a privileged process in dom0)
Pretty much control of the whole system

Not hypothetical
Three exploitable bugs found in qemu last 2 years

Security feature: qemu stub domains

[Diagram: dom0 keeps the toolstack and the hardware drivers; the device model now runs on minios inside its own stub domain, beside the fully virtualized (HVM) domain; all on the Xen hypervisor]

What is it?
Stub domain: a small "service" domain running just one application (on the minios library OS rather than a full dom0-style kernel)
qemu stub domain: run each qemu in its own domain, one per HVM guest

Security feature: qemu stub domains

[Diagram: same layout; the compromised component is now the device model inside the stub domain]

Now an exploit buys you:
Control of the stubdom VM
Access to PV interfaces (the stub domain is a PV guest, so the attacker now faces the same hypervisor surface as any other PV guest)
A compromised stub domain still owns its one HVM guest, whose memory it must map to emulate devices, but reaching dom0 or other guests needs a second, separate exploit

HowTo: qemu stub domains

Make sure that you have the stubdom image:
ioemu-$ARCH.gz
Normally lives in /usr/lib/xen/boot
Included in Fedora Xen packages
Debian-based: need to build yourself

Specify stub domains in your guest config
device_model_stubdomain_override = 1
The 4.3 stub domain image is built from the traditional qemu, so the guest must use device_model_version = "qemu-xen-traditional" rather than the upstream qemu-xen
http://wiki.xen.org/wiki/Device_Model_Stub_Domains

Attack Surface: Xen

HVM guests
HVM hypercalls (subset of PV hypercalls)
Instruction emulation (MMIO, shadow pagetables)
Emulated platform devices: APIC, HPET, PIT
Nested virtualization

PV guests
PV hypercalls
Shared address space (Xen is mapped into every PV guest's virtual address space rather than being separated from it by hardware-enforced extended page tables)

Survey of Xen security updates: hypervisor bugs reachable from HVM guests and from PV guests turn up in statistically similar numbers
So the deciding difference is qemu. Security practice: if you can't use stub domains, use PV VMs

Security feature: FLASK example policy

What is FLASK?
Xen Security Module (XSM): Xen equivalent of LSM
FLASK: framework for XSM developed by NSA
Xen equivalent of SELinux
Uses same concepts, tools as SELinux (types, roles, a policy compiled with checkpolicy)
Allows a policy to restrict hypercalls

Security feature: FLASK example policy

What can FLASK do?
Basic: restricts hypercalls to those needed by a particular guest
Advanced: allows more fine-grained granting of privileges (for example, a driver domain or stub domain gets only the access it needs to its devices or to its one target guest, instead of dom0-style full privilege)

FLASK example policy
This contains example roles for dom0, domU, stub domains, driver domains, &c

HowTo: Use the example FLASK policy

Build Xen with XSM enabled
Build the example policy
Add the appropriate label to guest config files
seclabel=[foo]
stubdom_label=[foo]
(seclabel labels the guest itself; stubdom_label labels its device-model stub domain, so it only applies to HVM guests that use stub domains)

http://wiki.xen.org/wiki/Xen_Security_Modules_:_XSMFLASK
WARNING: In 4.3, the example policy is not extensively tested. Use with care!
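A worked example covering both the stub domain HowTo and the FLASK HowTo above, added here and not code from the talk or from the Xen project: a POSIX shell linter that reads xl guest configs and reports HVM guests still running qemu in dom0, stub domains paired with the wrong device model, and guests or stub domains without a FLASK label. It assumes configs are written one "key = value" per line, that HVM guests carry builder = "hvm", and that (as in the 4.3 era this talk covers) the stub domain is built from the traditional qemu; the policy type names that appear in the constructed sample configs are placeholders, not types taken from the talk.

```shell
#!/bin/sh
# Added example, not code from the talk or from the Xen project: lint xl
# guest configs for the two settings this talk recommends, the qemu stub
# domain (device_model_stubdomain_override) and FLASK labels (seclabel,
# stubdom_label).  Assumptions: one "key = value" per line as xl config
# files are normally written; HVM guests are recognised by builder = "hvm";
# the Xen 4.3-era stub domain is built from the traditional qemu, so an
# explicit device_model_version other than qemu-xen-traditional is flagged.

# cfg_get FILE KEY
# Prints KEY's value with surrounding quotes removed, or nothing if unset.
cfg_get() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | head -n 1 |
        sed 's/[[:space:]]*$//; s/^["'"'"']//; s/["'"'"']$//'
}

# is_hvm FILE  ->  true for HVM guests; PV guests have no qemu device model
is_hvm() {
    [ "$(cfg_get "$1" builder)" = "hvm" ]
}

# audit_config FILE
# Prints one finding per line; returns 1 if anything was found, 0 if clean.
audit_config() {
    f="$1"; rc=0
    if is_hvm "$f"; then
        stub=$(cfg_get "$f" device_model_stubdomain_override)
        dmv=$(cfg_get "$f" device_model_version)
        if [ "$stub" != "1" ]; then
            echo "$f: HVM guest runs qemu in dom0; set device_model_stubdomain_override = 1"
            rc=1
        else
            if [ -n "$dmv" ] && [ "$dmv" != "qemu-xen-traditional" ]; then
                echo "$f: stub domains need device_model_version = \"qemu-xen-traditional\", not $dmv"
                rc=1
            fi
            if [ -z "$(cfg_get "$f" stubdom_label)" ]; then
                echo "$f: stub domain has no stubdom_label, so FLASK cannot confine it separately from the guest"
                rc=1
            fi
        fi
    fi
    if [ -z "$(cfg_get "$f" seclabel)" ]; then
        echo "$f: no seclabel; FLASK cannot apply a per-guest type to it"
        rc=1
    fi
    return $rc
}

# audit_dir DIR  ->  audits every *.cfg in DIR; exit status 1 if any finding
audit_dir() {
    status=0
    for f in "$1"/*.cfg; do
        [ -e "$f" ] || continue
        audit_config "$f" || status=1
    done
    return $status
}

# Stand-alone use: ./xl-cfg-audit.sh /etc/xen
if [ $# -eq 1 ]; then audit_dir "$1"; fi
```

Run it against the directory holding your guest configs (commonly /etc/xen) and fix every line it prints before enabling enforcement. The build half of the procedure is not scripted here because it needs a Xen source tree: enable XSM_ENABLE and FLASK_ENABLE when building the hypervisor, run make -C tools/flask/policy to compile the example policy with checkpolicy, load the resulting policy binary as a boot module alongside xen.gz as the wiki page describes, and confirm the mode with xl getenforce.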

Outline

Overview of the Xen architecture
Brief introduction to principles of security analysis
Consider some attack surfaces
Xen features we can use to make them more secure
Driver domains
pvgrub
stub domains
PV vs HVM
FLASK example policy

Goal

Tools to think about security in Xen
Know some key security features of Xen
Equipped with the knowledge to get them working

Questions?
More info at http://wiki.xen.org/wiki/Securing_Xen
Check out our blog: http://blog.xen.org/

Kernel Recipes 2013 - Linux Security Modules: different formal concepts
 
Xen Project 15 Years down the Line
Xen Project 15 Years down the LineXen Project 15 Years down the Line
Xen Project 15 Years down the Line
 
CloudNativeTurkey - Lines of Defence.pdf
CloudNativeTurkey - Lines of Defence.pdfCloudNativeTurkey - Lines of Defence.pdf
CloudNativeTurkey - Lines of Defence.pdf
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Setting up a private cloud for academic environment with OSS by Zoran Pantic ...
Setting up a private cloud for academic environment with OSS by Zoran Pantic ...Setting up a private cloud for academic environment with OSS by Zoran Pantic ...
Setting up a private cloud for academic environment with OSS by Zoran Pantic ...
 
Running code in secure hardware or cloud environments
Running code in secure hardware or cloud environmentsRunning code in secure hardware or cloud environments
Running code in secure hardware or cloud environments
 
LFNW2014 Advanced Security Features of Xen Project Hypervisor
LFNW2014 Advanced Security Features of Xen Project HypervisorLFNW2014 Advanced Security Features of Xen Project Hypervisor
LFNW2014 Advanced Security Features of Xen Project Hypervisor
 

More from The Linux Foundation

ELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleThe Linux Foundation
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...The Linux Foundation
 
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...The Linux Foundation
 
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...The Linux Foundation
 
XPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote:  Unikraft Weather ReportXPDDS19 Keynote:  Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportThe Linux Foundation
 
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...The Linux Foundation
 
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxXPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxThe Linux Foundation
 
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...The Linux Foundation
 
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderXPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderThe Linux Foundation
 
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19:  The Road to Safety Certification: Overcoming Community Challeng...OSSJP/ALS19:  The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...The Linux Foundation
 
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
 OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making... OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...The Linux Foundation
 
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixXPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixThe Linux Foundation
 
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdXPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdThe Linux Foundation
 
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...The Linux Foundation
 
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DXPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DThe Linux Foundation
 
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsXPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsThe Linux Foundation
 
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...The Linux Foundation
 
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...The Linux Foundation
 
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...The Linux Foundation
 
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEXPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEThe Linux Foundation
 

More from The Linux Foundation (20)

ELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made Simple
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
 
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
 
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
 
XPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote:  Unikraft Weather ReportXPDDS19 Keynote:  Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather Report
 
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
 
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxXPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
 
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
 
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderXPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
 
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19:  The Road to Safety Certification: Overcoming Community Challeng...OSSJP/ALS19:  The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
 
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
 OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making... OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
 
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixXPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
 
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdXPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
 
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
 
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DXPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
 
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsXPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
 
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
 
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
 
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
 
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEXPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
 

Recently uploaded

Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfjimielynbastida
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April  Automation LPDGAPIForce Zurich 5 April  Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 

Recently uploaded (20)

Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdf
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April  Automation LPDGAPIForce Zurich 5 April  Automation LPDG
APIForce Zurich 5 April Automation LPDG
 

LCEU13: Securing your cloud with Xen's advanced security features - George Dunlap, Citrix

  • 1. Intro Network path Bootloader Device model Xen Conclusion Securing your cloud with Xen’s advanced security features George Dunlap Edinburgh – 21-23 October, 2013
  • 2. Intro Network path Bootloader Device model Xen Conclusion Xen: an open-source, enterprise-grade, type I hypervisor Edinburgh – 21-23 October, 2013 Securing your cloud with Xen’s advanced security features 2 / 33
  • 3. Intro Network path Bootloader Device model Xen Conclusion Built for the Cloud before it was called the Cloud Edinburgh – 21-23 October, 2013 Securing your cloud with Xen’s advanced security features 2 / 33
  • 4. Intro Network path Bootloader Device model Xen Conclusion Advanced security features Edinburgh – 21-23 October, 2013 Securing your cloud with Xen’s advanced security features 3 / 33
  • 5. Intro Network path Bootloader Device model Xen Conclusion Goal Tools to think about security in Xen Edinburgh – 21-23 October, 2013 Securing your cloud with Xen’s advanced security features 4 / 33
  • 6. Intro Network path Bootloader Device model Xen Conclusion Goal Tools to think about security in Xen Know some key security features of Xen Edinburgh – 21-23 October, 2013 Securing your cloud with Xen’s advanced security features 4 / 33
  • 7. Intro Network path Bootloader Device model Xen Conclusion Goal Tools to think about security in Xen Know some key security features of Xen Equipped with the knowledge to get them working Edinburgh – 21-23 October, 2013 Securing your cloud with Xen’s advanced security features 4 / 33
  • 8. Intro Network path Bootloader Device model Xen Conclusion Outline Overview of the Xen architecture Edinburgh – 21-23 October, 2013 Securing your cloud with Xen’s advanced security features 5 / 33
  • 9. Intro Network path Bootloader Device model Xen Conclusion Outline Overview of the Xen architecture Brief introduction to principles of security analysis Edinburgh – 21-23 October, 2013 Securing your cloud with Xen’s advanced security features 5 / 33
  • 10. Intro Network path Bootloader Device model Xen Conclusion Outline Overview of the Xen architecture Brief introduction to principles of security analysis Consider some attack surfaces Edinburgh – 21-23 October, 2013 Securing your cloud with Xen’s advanced security features 5 / 33
  • 11. Intro Network path Bootloader Device model Xen Conclusion Outline Overview of the Xen architecture Brief introduction to principles of security analysis Consider some attack surfaces Xen features we can use to make them more secure Edinburgh – 21-23 October, 2013 Securing your cloud with Xen’s advanced security features 5 / 33
  • 12. Intro Network path Bootloader Device model Xen Conclusion Outline Overview of the Xen architecture Brief introduction to principles of security analysis Consider some attack surfaces Xen features we can use to make them more secure Driver domains Edinburgh – 21-23 October, 2013 Securing your cloud with Xen’s advanced security features 5 / 33
  • 13. Intro Network path Bootloader Device model Xen Conclusion Outline Overview of the Xen architecture Brief introduction to principles of security analysis Consider some attack surfaces Xen features we can use to make them more secure Driver domains pvgrub Edinburgh – 21-23 October, 2013 Securing your cloud with Xen’s advanced security features 5 / 33
  • 14. Intro Network path Bootloader Device model Xen Conclusion Outline Overview of the Xen architecture Brief introduction to principles of security analysis Consider some attack surfaces Xen features we can use to make them more secure Driver domains pvgrub stub domains Edinburgh – 21-23 October, 2013 Securing your cloud with Xen’s advanced security features 5 / 33
  • 15. Intro Network path Bootloader Device model Xen Conclusion Outline Overview of the Xen architecture Brief introduction to principles of security analysis Consider some attack surfaces Xen features we can use to make them more secure Driver domains pvgrub stub domains PV vs HVM Edinburgh – 21-23 October, 2013 Securing your cloud with Xen’s advanced security features 5 / 33
  • 16. Intro Network path Bootloader Device model Xen Conclusion Outline Overview of the Xen architecture Brief introduction to principles of security analysis Consider some attack surfaces Xen features we can use to make them more secure Driver domains pvgrub stub domains PV vs HVM FLASK example policy Edinburgh – 21-23 October, 2013 Securing your cloud with Xen’s advanced security features 5 / 33
  • 17. Intro Network path Bootloader Device model Xen Conclusion Xen Architecture dom 0 device model (qemu) toolstack Hardware Drivers netback blkback Paravirtualized (PV) Domain netfront blkfront Fully Virtualized (HVM) Domain Xen Hypervisor I/O Devices Edinburgh – 21-23 October, 2013 CPU Memory Hardware Securing your cloud with Xen’s advanced security features 6 / 33
  • 18. Intro Network path Bootloader Device model Xen Conclusion Security Overview Threat Model Edinburgh – 21-23 October, 2013 Securing your cloud with Xen’s advanced security features 7 / 33
  • 19. Intro Network path Bootloader Device model Xen Conclusion Security Overview Threat Model Attacker can access guest network Edinburgh – 21-23 October, 2013 Securing your cloud with Xen’s advanced security features 7 / 33
  • 20. Intro Network path Bootloader Device model Xen Conclusion Security Overview Threat Model Attacker can access guest network Attacker controls one guest OS Edinburgh – 21-23 October, 2013 Securing your cloud with Xen’s advanced security features 7 / 33
  • 21. Intro Network path Bootloader Device model Xen Conclusion Security Overview Security considerations How much code is accessible? Edinburgh – 21-23 October, 2013 Securing your cloud with Xen’s advanced security features 8 / 33
  • 22. Intro Network path Bootloader Device model Xen Conclusion Security Overview Security considerations How much code is accessible? What is the interface like? Edinburgh – 21-23 October, 2013 Securing your cloud with Xen’s advanced security features 8 / 33
  • 23. Intro Network path Bootloader Device model Xen Conclusion Security Overview Security considerations How much code is accessible? What is the interface like? Edinburgh – 21-23 October, 2013 Securing your cloud with Xen’s advanced security features 8 / 33
  • 24. Intro Network path Bootloader Device model Xen Conclusion Security Overview Security considerations How much code is accessible? What is the interface like? Defense-in-depth Edinburgh – 21-23 October, 2013 Securing your cloud with Xen’s advanced security features 8 / 33
  • 25-31. Example System. Hardware setup:
    - Two networks: control network, guest network
    - IOMMU with interrupt remapping (AMD or Intel VT-d v2)
    Default configuration:
    - Network drivers in dom0
    - PV guests with pygrub
    - HVM guests with qemu running in domain 0
  • 32-38. Attack surface: Network path. [Diagram: dom0 (toolstack, NIC driver, bridge, iptables, netback), guest domain (netfront), rogue domain (netfront), Xen hypervisor; control NIC and guest NIC in hardware]
    How to break in?
    - Bugs in hardware driver
    - Bugs in bridging / filtering
    - Bugs in netback via the ring protocol
    What does it buy you?
    - Control of domain 0 kernel
    - Pretty much control of the whole system
  • 39-45. Security feature: Driver Domains. [Diagram: dom0 (toolstack, NIC driver), driver domain (NIC driver, iptables, bridge, netback), guest domain (netfront), rogue domain (netfront), Xen hypervisor; control NIC and guest NIC in hardware]
    What is it?
    - Unprivileged VM which drives hardware, provides access to guests
    Now an exploit buys you:
    - Control of a PV VM (PV hypercall interface)
    - Guest network traffic
    - Control of NIC
    - Opportunity to attack netfront of other guests
  • 46-56. HowTo: Driver Domains
    - Create a VM with appropriate drivers. Any distro supporting dom0 should do.
    - Install the xen-related hotplug scripts. Just installing the xen tools in the VM is usually good enough.
    - Give the VM access to the physical NIC with PCI pass-through.
    - Configure the network topology in the driver domain, just like you would for dom0.
    - Configure the guest vif to use the new domain ID: add backend=domnet to the vif declaration:
      vif = [ 'type=pv, bridge=xenbr0, backend=domnet' ]
    - http://wiki.xen.org/wiki/Driver_Domain
  • 57-68. Attack surface: Pygrub. [Diagram: dom0 (toolstack, domain builder, pygrub), paravirtualized (PV) domain with its guest disk, Xen hypervisor]
    What is it?
    - grub implementation for PV guests
    - Python program running in domain 0
    - Reads guest FS, parses grub.conf, presents menu
    - Passes resulting kernel image to domain builder
    How to break in?
    - Bugs in file system parser
    - Bugs in menu parser
    - Bugs in kernel / initrd image parsers
    What does it buy you?
    - Control of domain 0 user space
    - Pretty much control of the whole system
  • 69-74. Security practice: Fixed kernels. [Diagram: dom0 (kernel image, toolstack, domain builder), paravirtualized (PV) domain with its guest disk, Xen hypervisor]
    What is it?
    - Passing a known-good kernel from domain 0
    - Removes attacker avenue to domain builder
    Disadvantages
    - Host admin must keep up with kernel updates
    - Guest admin can’t pass kernel parameters, custom kernels,
  • 75-79. Security feature: pvgrub. [Diagram: dom0 (toolstack, domain builder), guest domain running pvgrub on MiniOS with its guest disk, Xen hypervisor]
    What is it?
    - MiniOS + pv port of grub running in a guest context
    - PV equivalent of HVM “BIOS + grub”
    Now an exploit buys you:
    - Control of your own VM
  • 80-87. HowTo: pvgrub
    - Make sure that you have the pvgrub image, pvgrub-$ARCH.gz. Normally lives in /usr/lib/xen/boot. Included in Fedora Xen packages; Debian-based: need to build yourself.
    - Use appropriate pvgrub as kernel in guest config:
      kernel="/usr/lib/xen/boot/pvgrub-x86_32.gz"
    - http://wiki.xen.org/wiki/Pvgrub
  • 88-95. Attack surface: Device model (qemu). [Diagram: dom0 (device model (qemu), toolstack, hardware drivers), fully virtualized (HVM) domain, Xen hypervisor]
    How to break in?
    - Bugs in NIC emulator parsing packets
    - Bugs in emulation of virtual devices
    What does it buy you?
    - Domain 0 privileged userspace
    - Pretty much control of the whole system
    - Not hypothetical: three exploitable bugs found in qemu last 2 years
  • 96-101. Security feature: qemu stub domains. [Diagram: dom0 (toolstack, hardware drivers), stub domain (device model on minios), fully virtualized (HVM) domain, Xen hypervisor]
    What is it?
    - Stub domain: a small “service” domain running just one application
    - qemu stub domain: run each qemu in its own domain
    Now an exploit buys you:
    - Control of the stubdom VM
    - Access to PV interfaces
  • 102-109. HowTo: qemu stub domains
    - Make sure that you have the stubdom image, ioemu-$ARCH.gz. Normally lives in /usr/lib/xen/boot. Included in Fedora Xen packages; Debian-based: need to build yourself.
    - Specify stub domains in your guest config:
      device_model_stubdomain_override = 1
    - http://wiki.xen.org/wiki/Device_Model_Stub_Domains
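The three HowTo settings from the driver domain, pvgrub and stub domain sections (backend=domnet on the vif, a pvgrub image as the guest kernel, device_model_stubdomain_override = 1) can be audited mechanically across a fleet of guest configs. The following Python script is an added example, not code from the talk or from the Xen project: it parses the key = value subset of an xl guest config, classifies where the guest's netback, bootloader and device model run, and lists which of the three mitigations is still missing. The config keys it inspects (bootloader, kernel, vif with backend=, builder/type, device_model_stubdomain_override) are the real xl.cfg keys; the three sample configs, the driver domain name domnet and the disk paths are constructed for the example.

```python
import ast


def parse_xl_config(text):
    """Parse the 'key = <python literal>' subset of xl.cfg (lists may span
    several lines).  A '#' inside a quoted value is not supported here."""
    cfg, pending = {}, ""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop trailing comments
        if not line:
            continue
        pending = (pending + " " + line) if pending else line
        if pending.count("[") > pending.count("]"):
            continue  # list continues on the next line
        key, _, value = pending.partition("=")
        pending = ""
        cfg[key.strip()] = ast.literal_eval(value.strip())
    return cfg


def parse_vif_spec(spec):
    """'type=pv, bridge=xenbr0, backend=domnet' -> dict of vif options."""
    opts = {}
    for item in spec.split(","):
        key, _, value = item.strip().partition("=")
        if key:
            opts[key.strip()] = value.strip()
    return opts


def is_hvm(cfg):
    # builder="hvm" is the classic spelling; newer xl also accepts type="hvm".
    return cfg.get("builder") == "hvm" or cfg.get("type") == "hvm"


def audit_guest_config(cfg):
    """Classify where the guest's netback, bootloader and device model run."""
    result = {}
    # Network path: netback stays in dom0 unless backend= names a driver domain.
    backends = set()
    for spec in cfg.get("vif", []):
        backend = parse_vif_spec(spec).get("backend")
        backends.add("dom0" if backend in (None, "", "0", "Domain-0")
                     else "driver-domain:" + backend)
    result["network"] = sorted(backends) if backends else ["none"]
    # Bootloader: pygrub parses the guest disk in dom0; pvgrub does it inside
    # the guest's own context; a fixed kernel path is chosen by the host admin.
    kernel = str(cfg.get("kernel", ""))
    if is_hvm(cfg):
        result["bootloader"] = "hvm-bios"
    elif cfg.get("bootloader") == "pygrub":
        result["bootloader"] = "pygrub"
    elif "pvgrub" in kernel.rsplit("/", 1)[-1]:
        result["bootloader"] = "pvgrub"
    else:
        result["bootloader"] = "fixed-kernel" if kernel else "unknown"
    # Device model: only HVM guests run a qemu; in dom0 or in a stub domain?
    if not is_hvm(cfg):
        result["device_model"] = "n/a"
    elif cfg.get("device_model_stubdomain_override") == 1:
        result["device_model"] = "stubdom"
    else:
        result["device_model"] = "dom0-qemu"
    return result


def findings(cfg):
    """List the settings that still leave guest-facing code in dom0."""
    a, out = audit_guest_config(cfg), []
    if "dom0" in a["network"]:
        out.append("netback in dom0: use a driver domain (backend=<domname>)")
    if a["bootloader"] == "pygrub":
        out.append("pygrub parses the guest disk in dom0: prefer pvgrub or a fixed kernel")
    if a["device_model"] == "dom0-qemu":
        out.append("qemu in dom0: set device_model_stubdomain_override = 1, "
                   "or use a PV guest if stub domains are unavailable")
    return out


# Constructed sample configs (not taken from any real deployment).
DEFAULT_PV = """
name = "pv-default"
bootloader = "pygrub"
vif = [ 'type=pv, bridge=xenbr0' ]
"""
HARDENED_PV = """
name = "pv-hardened"
kernel = "/usr/lib/xen/boot/pvgrub-x86_32.gz"   # grub runs in the guest context
vif = [ 'type=pv, bridge=xenbr0, backend=domnet' ]   # netback in driver domain
"""
HARDENED_HVM = """
name = "hvm-hardened"
builder = "hvm"
device_model_stubdomain_override = 1   # qemu runs in its own stub domain
vif = [
    'type=ioemu, bridge=xenbr0, backend=domnet',
]
"""

if __name__ == "__main__":
    for text in (DEFAULT_PV, HARDENED_PV, HARDENED_HVM):
        cfg = parse_xl_config(text)
        print(cfg["name"], audit_guest_config(cfg), findings(cfg) or "no findings")
```

The first sample is the deck's default configuration (pygrub, netback in dom0) and yields two findings; the two hardened samples yield none. Only the literal subset of the config syntax is handled, so a config that uses Python expressions or a `#` inside a quoted value needs the real xl parser rather than this script.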
  • 110-119. Attack Surface: Xen
    HVM guests:
    - HVM hypercalls (subset of PV hypercalls)
    - Instruction emulation (MMIO, shadow pagetables)
    - Emulated platform devices: APIC, HPET, PIT
    - Nested virtualization
    PV guests:
    - PV hypercalls
    - Shared address space
    Survey of security updates looks statistically similar.
    Security practice: If you can’t use stub domains, use PV VMs.
  • 120–125. Security feature: FLASK example policy
    What is FLASK?
    - Xen Security Module (XSM): Xen equivalent of LSM
    - FLASK: framework for XSM developed by NSA
    - Xen equivalent of SELinux
    - Uses same concepts, tools as SELinux
    - Allows a policy to restrict hypercalls
  • 126–130. Security feature: FLASK example policy
    What can FLASK do?
    - Basic: Restricts hypercalls to those needed by a particular guest
    - Advanced: Allows more fine-grained granting of privileges
    FLASK example policy
    - Contains example roles for dom0, domU, stub domains, driver domains, &c
  • 131–137. HowTo: Use the example FLASK policy
    - Build Xen with XSM enabled
    - Build the example policy
    - Add the appropriate label to guest config files
      seclabel=[foo]
      stubdom label=[foo]
    http://wiki.xen.org/wiki/Xen_Security_Modules_:_XSMFLASK
    WARNING: In 4.3, the example policy is not extensively tested. Use with care!
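The two practices the slides leave the operator with are "label every guest so the policy can restrict its hypercalls" and "if you can't put an HVM guest's device model in a stub domain, prefer PV". The script below is an added example for this talk, not code from the presentation or from the Xen project: it parses xl-style guest config files and reports guests that have no `seclabel`, a malformed label, an HVM device model left in dom0, or a stub domain without a label of its own. Only `seclabel` appears on the slides; the keys `builder`, `device_model_stubdomain_override` and `device_model_stubdomain_seclabel` are the xl.cfg names this audit assumes, and every sample config, path and label is constructed.

```python
"""Audit xl guest configs for the FLASK labelling and PV/HVM practices above.

Added example, not Xen project code. Assumed xl.cfg keys (not on the slides):
builder, device_model_stubdomain_override, device_model_stubdomain_seclabel.
All sample configs below are constructed.
"""
import re

# FLASK labels follow the SELinux shape user:role:type, e.g. system_u:system_r:domU_t
LABEL_RE = re.compile(r"^[A-Za-z0-9_]+:[A-Za-z0-9_]+:[A-Za-z0-9_]+$")


def _strip_comment(line):
    """Drop a trailing '#' comment, but leave '#' that sits inside quotes."""
    quote = None
    for i, ch in enumerate(line):
        if quote:
            if ch == quote:
                quote = None
        elif ch in "'\"":
            quote = ch
        elif ch == "#":
            return line[:i]
    return line


def _parse_value(raw):
    """Turn the right-hand side of 'key = value' into str, int or list."""
    raw = raw.strip()
    if raw.startswith("[") and raw.endswith("]"):
        # quoted items may contain commas (disk specs), so match quoted
        # strings first and only then bare tokens
        items = re.findall(r"'[^']*'|\"[^\"]*\"|[^,\s]+", raw[1:-1])
        return [_parse_value(x) for x in items]
    if len(raw) >= 2 and raw[0] == raw[-1] and raw[0] in "'\"":
        return raw[1:-1]
    if re.fullmatch(r"-?\d+", raw):
        return int(raw)
    return raw


def parse_xl_config(text):
    """Parse the single-line 'key = value' subset of xl.cfg syntax."""
    cfg = {}
    for line in text.splitlines():
        line = _strip_comment(line).strip()
        if not line or "=" not in line:
            continue
        key, _, value = line.partition("=")
        cfg[key.strip()] = _parse_value(value)
    return cfg


def audit_guest(cfg):
    """Return a list of (code, message) findings for one parsed guest config."""
    findings = []
    label = cfg.get("seclabel")
    if label is None:
        findings.append(("NO_SECLABEL",
                         "no seclabel: guest gets the default label, not a role chosen for it"))
    elif not LABEL_RE.match(str(label)):
        findings.append(("BAD_SECLABEL",
                         "seclabel %r is not of the form user:role:type" % label))
    # builder defaults to a PV guest; only 'hvm' brings in the device model
    if str(cfg.get("builder", "generic")).lower() == "hvm":
        if cfg.get("device_model_stubdomain_override") != 1:
            findings.append(("HVM_DM_IN_DOM0",
                             "HVM guest runs its device model in dom0: use a stub domain, "
                             "or a PV guest if stub domains are not an option"))
        elif cfg.get("device_model_stubdomain_seclabel") is None:
            findings.append(("STUBDOM_NO_SECLABEL",
                             "stub domain enabled but carries no security label"))
    return findings


def audit_all(configs):
    """Audit a {name: config_text} mapping; returns {name: findings}."""
    return {name: audit_guest(parse_xl_config(text)) for name, text in configs.items()}


# Constructed sample configs (paths and labels are illustrative only)
SAMPLE_CONFIGS = {
    "pv-web": """
name = "pv-web"
kernel = "/boot/vmlinuz-guest"        # constructed path
memory = 512
seclabel = 'system_u:system_r:domU_t'
disk = [ 'phy:/dev/vg/pv-web,xvda,w' ]
""",
    "hvm-legacy": """
name = "hvm-legacy"
builder = "hvm"
memory = 1024
disk = [ 'phy:/dev/vg/hvm-legacy,hda,w' ]
""",
    "hvm-stub": """
name = "hvm-stub"
builder = "hvm"
device_model_stubdomain_override = 1
seclabel = 'system_u:system_r:domU_t'
""",
    "pv-badlabel": """
name = "pv-badlabel"
kernel = "/boot/vmlinuz-guest"
seclabel = 'domU_t'   # missing user and role fields
""",
}

if __name__ == "__main__":
    for name, findings in audit_all(SAMPLE_CONFIGS).items():
        print(name, "OK" if not findings else "")
        for code, msg in findings:
            print("  %-20s %s" % (code, msg))
```

Run it over a directory of real configs by replacing `SAMPLE_CONFIGS` with the files' contents; the finding codes are stable so the output can be fed to whatever reporting the deployment already uses.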
  • 138–146. Outline
    - Overview of the Xen architecture
    - Brief introduction to principles of security analysis
    - Consider some attack surfaces
    - Xen features we can use to make them more secure
      - Driver domains
      - pvgrub
      - stub domains
      - PV vs HVM
      - FLASK example policy
  • 147–149. Goal
    - Tools to think about security in Xen
    - Know some key security features of Xen
    - Equipped with the knowledge to get them working
  • 150. Questions
    Questions?
    More info at http://wiki.xen.org/wiki/Securing_Xen
    Check out our blog: http://blog.xen.org/