YoVDO

Securing Linux VM Boot with AMD SEV Measurement

Offered By: Linux Foundation via YouTube

Tags

Conference Talks Courses Virtualization Courses System Security Courses Hashing Courses Attack Mitigations Courses Confidential Computing Courses AMD SEV Courses

Course Description

Overview

Explore the intricacies of securing Linux virtual machine boot processes using AMD Secure Encrypted Virtualization (SEV) measurement in this informative conference talk. Delve into the challenges faced in Confidential Computing settings and understand the vulnerabilities present in VM boot processes with -kernel. Learn about the innovative solution involving a Hashes GUIDed table and its implementation to mitigate host attacks. Discover the current status of this security measure, methods for accessing injected secrets, and gain insights into future plans for enhancing VM boot security. This presentation, delivered by experts from IBM Research, offers valuable knowledge for professionals working in virtualization, cloud computing, and cybersecurity.

Syllabus

Intro
Work of many people
Confidential Computing setting
The problem
AMD SEV
VM boot process with -kernel
Host attack on boot with -kernel
Vulnerability
Hashes GUIDed table
Solution details
Attack mitigation
Caveat
Implementation status
Accessing injected secrets
Future plans


Taught by

Linux Foundation

Tags

Related Courses

Confidential Computing in Cloud and Edge
RSA Conference via YouTube The Rise of Confidential Computing
RSA Conference via YouTube Enabling Rack-Scale Confidential Computing Using Heterogeneous Trusted Execution Environment
IEEE via YouTube Architectural Extensions for Hardware Virtual Machine Isolation to Advance Confidential Computing in Public Clouds
Linux Foundation via YouTube The Open Enclave SDK - Confidential Computing with Trusted Apps
Linux Foundation via YouTube