
Re: [Xense-devel] questions about isolation model and GVTPM


  • To: xense-devel@xxxxxxxxxxxxxxxxxxx
  • From: Stefan Berger <stefanb@xxxxxxxxxx>
  • Date: Mon, 8 May 2006 17:26:52 -0400
  • Delivery-date: Mon, 08 May 2006 14:27:18 -0700
  • List-id: "A discussion list for those developing security enhancements for Xen." <xense-devel.lists.xensource.com>


Hello Huang,

>Hi guys,

>I am interested in virtualization and TCPA. I want to do some research on the Xen platform to present a more trusted VMM. I think the key points are isolation and integrity.

>With isolation, I want to use an uninterference policy to confine the communication between Xen and domains with the device channel. That is to say, map the formal model to Xen. I think now the MAC mechanism also does some isolation; the channel-control analysis with a formal model is another way, especially used to confine the TCB where access control can do nothing. By the way, I think a critical application is also a part of the TCB.

>And from Reiner, I see Xen is not an isolation VMM, or separation VMM. But I think formal analysis can benefit confinement of Xen's I/O devices.

>With integrity, I want to examine the GVTPM architecture and do something based on it.

>My questions are: is the isolation provided by Xen for domains strong enough from your developers' view? Is there anybody who can help me to learn more about GVTPM except for a .ppt document? Something like what is the function of the "shared memory TPM driver" in the code? Is it a backend driver? Or what is the opinion of TCG about GVTPM?

The function of the shared memory driver is to send TPM requests from a guest domain to the virtual TPM running in another domain. The virtual TPM is listening for commands on top of the TPM backend driver.

I don't know about the official opinion of the TCG about 'GVTPM', but maybe representatives from Intel can tell you more about it.

Regards,

   Stefan
