Hardening Linux for Confidential Cloud Computing - Deep Dive and Results
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore the intricacies of hardening Linux guest systems for confidential cloud computing in this 50-minute technical deep dive presented by Elena Reshetova from Intel. Delve into the evolving security landscape where cloud tenants no longer need to trust the software stack provided by Cloud Service Providers. Examine the efforts to enhance the mainline Linux kernel for use as a secure VM guest kernel, focusing on the treatment of individual kernel subsystems and communication mechanisms. Learn about implemented hardening security mechanisms and gain insights from fuzzing and manual code audit activities. Discover open-source tools and documentation for the project, and engage with discussion points on memory management, transit execution attacks, and other critical aspects of Linux guest hardening for confidential cloud environments.
Syllabus
Introduction
Agenda
Why Harden
Methodology
Approach
MSR
cpids
portal
mmio
PCI config space
KVM specific inputs
Shared Memory
Randomness
Timers
ICPI
Panic
Memory Management
Transit Execution Attacks
Example
Results
Discussion Point
Documentation
Taught by
Linux Foundation
Tags
Related Courses
Software as a ServiceUniversity of California, Berkeley via Coursera Software Defined Networking
Georgia Institute of Technology via Coursera Pattern-Oriented Software Architectures: Programming Mobile Services for Android Handheld Systems
Vanderbilt University via Coursera Web-Technologien
openHPI Données et services numériques, dans le nuage et ailleurs
Certificat informatique et internet via France Université Numerique