KVM Forum 2020 has ended
Back To Schedule
Thursday, October 29 • 07:00 - 07:30
Hypervisor Based Integrity: Protect Guest Kernel in Cloud - Ning Yang & Forrest Yuan Yu, Google

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
There are multiple efforts from the community that tries to bring Virtualization based security into the industry and there are a number of papers published every year to discuss the benefit of this approach. Hypervisor Based Integrity(HBI) is product Google Cloud is currently investing to be the public offering for such security hardening in the Cloud. The talk will cover the place where this implementation fits in the Cloud environment, the relationship between this mechanism and other security enhancement for the Linux kernel, what HBI can protect/monitor, special challenges encountered along the road. In addition, it will also cover an overview of the new hypervisor security kernel module Google plans to upstream and show how all hypervisor/VMM can easily implement the support for it so guest VM can move across different providers while getting the same security guarantee.

avatar for Ning Yang

Ning Yang

Senior Software Developer, Google Inc
Ning is a Senior Software Developer at Google Compute Infrastructure Team. He contributes to Google internal VMM, including device emulation and guest firmware/driver support. Worked on bringing UEFI(OVMF) into Google Cloud and the Google Cloud Shielded VM project, which provides... Read More →

Forrest Yuan Yu

Software Developer, Google Inc
Forrest is a software engineer at Google working on firmware, virtualization and making GCP more secure for customers.

Thursday October 29, 2020 07:00 - 07:30 GMT
KVM Theater
  KVM Track 1