Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Linux Foundation

Live Migration Architecture for Intel TDX-based Confidential VMs

Linux Foundation via YouTube

Overview

Explore the architecture for live migration of Intel TDX-based Confidential VMs in this 38-minute conference talk by Ravi Sahita and Jun Nakajima from Intel. Delve into the Intel Trust Domain Extension (TDX) recap, live migration goals, security properties, and functional requirements. Examine the components of Intel TDX live migration, new architectural interfaces, and cross-platform perspectives. Understand the lifecycle of TD migration and various security objectives, including confidentiality and integrity of content and exports, access control of migration TD assets, and integrity of TD migration policy. Learn about software implications on KVM, iterative pre-copy techniques, and considerations for scalability and efficiency in implementing live migration for confidential computing environments.

Syllabus

Intro
OUTLINE
INTEL TRUST DOMAIN EXTENSION (INTEL TDX) - RECAP
TO LIVE MIGRATION ARCHITECTURE GOALS
TD LIVE MIGRATION SECURITY & FUNCTIONAL PROPERTIES
INTEL TDX LIVE MIGRATION COMPONENTS
NEW INTEL TDX ARCHITECTURAL INTERFACES & MIG TD
INTEL TDX LIVE MIGRATION-CROSS PLATFORM VIEW
TD MIGRATION - LIFECYCLE
SECURITY OBJECTIVE-CONFIDENTIALITY AND INTEGRITY OF CONTA
SECURITY OBJECTIVE-CONFIDENTIALITY & INTEGRITY OF EXPORTE
SECURITY OBJECTIVE - ACCESS-CONTROL OF MIG TD ASSETS
SECURITY OBJECTIVE-INTEGRITY OF TD MIGRATION POLICY
SOFTWARE IMPLICATIONS ON KVM (CONT.)
ITERATIVE PRE-COPY
SCALABILITY AND EFFICIENCY

Taught by

Linux Foundation

Reviews

Start your review of Live Migration Architecture for Intel TDX-based Confidential VMs

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.