Analyzing and Improving the Security Properties of Secret Memory

Explore the security properties of secret memory in this 28-minute conference talk presented by James Bottomley and Mike Rappoport from IBM at a Linux Foundation event. Delve into topics such as trusted kernels, container security, cloud security, and hardware assistance. Learn about the challenges of breaking out of secure environments, techniques for removing guest memory, and the process of installing page tables and modules. Gain insights into what constitutes adequate security measures and how to assess the level of security in various scenarios. Understand the importance of asking the right questions when it comes to system security and discover potential improvements to enhance the protection of sensitive information in memory.

Intro
What are your concerns
How to ask a question
Trusted kernel
Container security
Can we give Mike a mic
What is adequate
How secure is it
The difficulty of breaking out
Removing guest memory
Cloud security
Installing page tables
Installing modules
Hardware assist
Mike Rappoport