Intel s s Security Vision for Xen

Size: px

Start display at page:

Download "Intel s s Security Vision for Xen"

Gyles Ryan
6 years ago
Views:

1 Intel s s Security Vision for Xen Carlos Rozas Intel Corporation Xen Summit April 7-8,

2 INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. EXCEPT AS PROVIDED IN INTEL'S TERMS AND CONDITIONS OF SALE FOR SUCH PRODUCTS, INTEL ASSUMES NO LIABILITY WHATSOEVER, AND INTEL DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY RELATING TO SALE AND/OR USE OF INTEL PRODUCTS, INCLUDING LIABILITY OR WARRANTIES RELATING TO FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR INFRINGEMENT OF ANY PATENT, COPYRIGHT, OR OTHER INTELLECTUAL PROPERTY RIGHT. Intel may make changes to specifications, product descriptions, and plans at any time, without notice. All dates provided are subject to change without notice. 2

3 Agenda Intel s Security Vision for Xen Security Enhanced Xen Intel and Security Enhanced Xen Usage Models 3

4 Intel s s Security Vision for Xen Scalable Trust Architecture Uses Intel platform technologies to enhance security solutions in Xen Small, Assurable Trusted Computing Base Keep Hypervisor Small Mandatory Access Control Domain0 decomposition Secure By Default Desktops, Mobiles, and Servers 4

5 Agenda Intel s s Security Vision for Xen Security Enhanced Xen Intel and Security Enhanced Xen Usage Models 5

6 Security Enhanced Xen Key Functional Enhancements Mandatory Access Control (MAC) TPM Support Measurement, Attestation, and Sealing Resource Control Trusted Path Key Assurance Enhancements Decomposing Domain0 to support Least Privilege and Measurement 6

7 Agenda Intel s Security Vision for Xen Security Enhanced Xen Intel and Security Enhanced Xen Usage Models 7

8 Intel and Security Enhanced Xen Platform Technologies Execute Disable Bit Intel Virtualization Technology LaGrande Technology Software Technology Virtual TPM Framework Usage Model Manageability 8

9 LaGrande Technology (LT) LT = CPU + Chipset + TPM + Protected I/O = LT specific enhancement CPU Extensions Protected launch Enables domain separation Intel CPU Protected Memory Mgmt Enforces access policy to protected memory Protected Graphics Trusted channel between graphics & trusted SW (integrated or third party discrete graphics) Protected Keyboard/Mouse* Trusted channel between Keyboard/Mouse and trusted software Intel (G)MCH ICH USB LPC RAM TPM Trusted Platform Module v1.2 Protects keys, digital certificates & attestation credentials Provides platform authentication *Trusted Keyboard Controller for Mobile 9

10 LT Benefits for Xen Increased Assurance and Isolation Protected memory allows for better isolation and enhances Xen I/O spaces Protected launch anchors Xen start-up in hardware and reduces the number of elements in the trust chain Protected graphics, keyboard, and mouse provides building blocks for enhanced trusted path 10

11 Operating System VM/ Partition Generalized Virtual TPM (GVTPM) Framework Operating System VM/ Partition Operating System VM/ Partition GVTPM Device Models (DM): Provides TPM functionality May meet different security profiles GVTPM Device Model GVTPM Manufacture Authority GVTPM Device Model GVTPM Manager Key & Session Manager TPM Driver Virtual Machine Monitor GVTPM Device Model GVTPM Protected Persistent Storage GVTPM Manager Suite Presented to TCG for consideration Create TCG Credentials for GVTPM Device Models that implement TPM 1.2 interfaces Roots the GVTPM Device Model s trust in the hardware TPM Provides management of the TPM and its resources Proof of concept validated by a prototype Trusted Platform Module 11

12 Generalized Virtual TPM Framework Benefits for Xen Flexibility in providing TPM functionality to Virtual Machines rooted in TPM hardware Transparent TPM functionality to Guest OS and applications Support multiple TPM families simultaneously Support for different security and performance profiles and vendors for each Guest OS 12

13 Agenda Intel s Security Vision for Xen Security Enhanced Xen Intel and Security Enhanced Xen Usage Models 13

Digital Office Usage Models Seamless Collaboration Office on Find

experience Usage Models Based on Needs Information Assistance

Simplified WLAN connections One logical device One bill roaming

14 Digital Office Usage Models Seamless Collaboration Office on Find & the go analyze information Small party conferencing Integrated experience Usage Models Based on Needs Information Assistance Embedded IT Embedded PC Health Client Isolation & Recovery Simplified WLAN connections One logical device One bill roaming WWAN Pervasive Connectivity Enabling real-time business - anytime, anywhere 14

Operating System Intel VT/LT Platform Usage Model: Embedded IT VT/LT Enabled Xen IT

2 Intel AMT Use Model Rich filter and quarantine operations Software Upgradeable /

channel for SW repair and information Active Management Technology (AMT) Tamper

15 Operating System Intel VT/LT Platform Usage Model: Embedded IT VT/LT Enabled Xen IT Services Manageability Agents Management Partition TPM 1.2 Intel AMT Use Model Rich filter and quarantine operations Software Upgradeable / Repairable Protect agents from malicious SW or end user decision to disable Rich OOB channel for SW repair and information Active Management Technology (AMT) Tamper Resistant Platform power state independent Replace damaged media image (IDE-R) Asset management Persistent storage 15

16 Summary Intel is committed to working with community as we did with VT to provide a more robust and trustworthy Xen platform TPM Support GVTPM Virtualization Framework LaGrande Technology Call to Action Establish milestones, deliverables, and schedules for Security Enhanced Xen 16

Lenovo ThinkCentre M90z with Intel vpro Technology. Stefan Richards Intel Corporation Business Client Platform Division

Lenovo ThinkCentre M90z with Intel vpro Technology Stefan Richards Intel Corporation Business Client Platform Division stefan.n.richards@intel.com 1 Legal Information 1. INFORMATION IN THIS DOCUMENT IS