|
|
|
|
|
|
|
|
|
|
xense-devel
Re: [Xen-devel] [PATCH][ACM] kernel enforcement of vbd policies via blkb
On Thu, 2006-07-27 at 17:26 +0100, Harry Butterworth wrote:
> untrusted driver domain <-> trusted encryption domain <-> FE-domain
> hypervisor
> trusted access control domain
Another argument in favour of this kind of approach is that if your BE
is something like a fibrechannel driver for a SAN, there isn't actually
any security on the SAN side of it so any guarantees provided by the
driver domain are pretty much worthless.
Harry.
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|
|
|
|
|