Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Linux Foundation

Protected Execution Facility: Enhancing Security for Virtual Machines

Linux Foundation via YouTube

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the Protected Execution Facility, an architectural modification for IBM Linux and OpenPower Linux servers, in this informative conference talk by Guerney D. H. Hunt from IBM Research. Delve into the challenges of keeping applications and containers secure in the face of attacks and compromised components. Learn about the associated firmware, the Protected Execution Ultravisor, which provides additional security to virtual machines, known as secure virtual machines (SVMs). Discover how this facility supports both normal VMs and SVMs concurrently, and understand the protections and restrictions applied to SVMs. Compare vendor approaches to providing security in potentially compromised hypervisor or OS environments. Gain insights into creating and running SVMs, base principles, architecture implications, revocation, limitations, and boot changes. Examine interfaces to the Ultravisor ultra calls, KVM changes, kernel modifications, and hardware alterations. Conclude with a summary of the Protected Execution Facility and an overview of relevant IBM secure processor products and research.

Syllabus

Intro
Acknowledgements
Team
Objectives for Protected Execution Facility
Creating and Running SVM
Base Principles
Overview of architecture
Architecture implication for the hypervisor
Architecture at the VM level
Revocation
Limitations
Contents of ESM blob
SVM format and Booting
Steps to start Secure VM
Boot Changes
Interfaces to the Ultravior ultra calls
KVM Changes
Kernel Changes
Brief Introduction to some of the hardware changes
Summary of Protected Execution Facility
Relevant IBM secure processor products and Research

Taught by

Linux Foundation

Reviews

Start your review of Protected Execution Facility: Enhancing Security for Virtual Machines

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.