Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Linux Foundation

Protected Execution Facility for Secure Virtual Machines

Linux Foundation via YouTube

Overview

Explore the Protected Execution Facility, an architectural modification for IBM Linux and OpenPower Linux servers, in this 42-minute conference talk by Guerney D. H. Hunt from IBM Research. Delve into the challenges of keeping applications and containers secure against attacks and compromised components in both traditional and cloud computing environments. Learn about the associated firmware, the Protected Execution Ultravisor, which enhances security for virtual machines, creating secure virtual machines (SVMs). Discover how this facility supports both normal VMs and SVMs concurrently, and understand the protections and restrictions applied to SVMs. Compare and contrast vendor approaches to providing security in potentially compromised hypervisor or OS scenarios. Gain insights into topics such as Open Source, Linux KVM, boot changes, kernel modifications, and hardware alterations necessary for implementing this security technology.

Syllabus

Introduction
Outline
Open Source
New Stuff
Protected Execution Facility
In transit
SVM
Base Principles
Overview
Linux KVM
Normal and Secure VM
Limitations
Layout
CSM blob
Boot changes
Ultravisor
Kernel Changes
Hardware Changes
Summary
IBM Secure Hardware
Questions

Taught by

Linux Foundation

Reviews

Start your review of Protected Execution Facility for Secure Virtual Machines

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.