Xen is a mature enterprise-grade virtual machine with many advanced security features which are unique to Xen. For this reason it's the hypervisor of choice for the NSA, the DoD, and the new QubesOS Secure Desktop project. While much of the security of Xen is inherent in its design, many of the advanced security features, such as stub domains, driver domains, XSM, and so on are not enabled by default. This session will describe all of the advanced security features of Xen, and the best way to configure them for the Cloud environment. When the audience leaves, they should have a general framework to evaluate the security of their system, know the key security features of Xen, and have a basic framework of knowledge to help them make sense of the documentation. This talk will *not* go into mind-numbing detail about specific commands to type or configuration options.
Senior Engineer, Citrix Systems UK Ltd.
George Dunlap worked with the Xen project while a graduate student at the University of Michigan before receiving his PhD in 2006. He has done work in many areas of Xen, including performance analysis, scheduling, and memory management. He was "release coordinator" for Xen's recent 4.3 release, a role he will be continuing for 4.4. He writes technical articles for the xenproject.org blog, including one describing in detail the Intel SYSRET vulnerability, and has had articles published in... Read More →
Tuesday October 22, 2013 12:10pm - 1:00pm
Attendance numbers do not account for private attendees. Get there early!