Improving Bootup Performance of Containers with Overlay Images in TEE Environments
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore techniques for enhancing container bootup performance in Trusted Execution Environments (TEEs) with overlay images. Delve into the challenges faced by cloud service providers when deploying containers with hardware-based TEE techniques like Intel's SGX/TDX and AMD's SEV. Learn about the "Confidential Containers" sandbox project and its impact on security and performance. Discover innovative solutions to address performance drops, including accelerating image downloads with overlayed formats, reducing key negotiation overhead with Key Management Systems (KMS), and leveraging acceleration techniques to offload image decryption from the CPU. Gain insights into balancing security requirements with acceptable performance for container tenants in public cloud environments.
Syllabus
Introduction
Agenda
Background Motivation
Background of Container
Optimization
Contributions
Raster
Conclusion
Taught by
Linux Foundation
Tags
Related Courses
Systems & Networks Seminar - Andrew Bauman - Komodo: Using Verification to Disentangle Secure-Enclave Hardware from SoftwarePaul G. Allen School via YouTube Plundervolt - Flipping Bits from Software without Rowhammer
Black Hat via YouTube When Good Turns Evil - Using Intel SGX to Stealthily Steal Bitcoins
Black Hat via YouTube CLKscrew - Exposing the Perils of Security-Oblivious Energy Management
Black Hat via YouTube Port Contention for Fun and Profit
IEEE via YouTube