YoVDO

LXDs - Towards Isolation of Kernel Subsystems

Offered By: USENIX via YouTube

Tags

USENIX Annual Technical Conference Courses Cybersecurity Courses System Administration Courses

Course Description

Overview

Explore a conference talk from USENIX ATC '19 that delves into Lightweight Execution Domains (LXDs) as a solution for isolating kernel subsystems. Learn about the security challenges faced by modern monolithic operating systems and how LXDs aim to confine the effects of exploits to individual kernel subsystems. Discover the difficulties in introducing isolation to kernels, including hardware limitations and kernel complexity. Examine the implementation of LXDs in performance-critical device drivers within the Linux kernel, and understand their potential to enhance kernel security with minimal modifications and overhead. Gain insights into the development of more secure operating system architectures and the ongoing efforts to mitigate kernel vulnerabilities.

Syllabus

Introduction
Why are kernels vulnerable
Challenges
Ideal
Asynchronous
Asynchronous Runtime
Device Drivers
Hardware Drivers
Limitations


Taught by

USENIX

Related Courses

Amazon DynamoDB - A Scalable, Predictably Performant, and Fully Managed NoSQL Database Service
USENIX via YouTube Faasm - Lightweight Isolation for Efficient Stateful Serverless Computing
USENIX via YouTube AC-Key - Adaptive Caching for LSM-based Key-Value Stores
USENIX via YouTube The Future of the Past - Challenges in Archival Storage
USENIX via YouTube A Decentralized Blockchain with High Throughput and Fast Confirmation
USENIX via YouTube