WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
xen-devel

[Xen-devel] Isolation VS Performance

To: xen-devel@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-devel] Isolation VS Performance
From: "Sameer Niphadkar" <sniphadkar@xxxxxxxx>
Date: Tue, 17 Feb 2009 14:58:29 -0500
Delivery-date: Tue, 17 Feb 2009 11:58:55 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Hello all,

Pardon my ignorance, but it seems to me that there have been numerous 
approaches when it comes to managing isolation of Xen-based architectures - 
most of them focused on performance isolation - Deshane et al. have done some 
work to test and measure these levels. However, I wanted to know if there has 
been any work to specifically categorize and quantify the isolation approaches. 
Right now the following models of isolation come to my mind.

1. Code-based isolation by classification - Overshadow, Hardware Enforcement of 
Application Security
2. Dom0 disaggregation - boxing with IOMMU, sandboxing
3. I/O-based isolation - Netchannel 2, SV-IO, direct and virtual passthrough, 
bypass using InfiniBand, SR-IOV
4. Isolation based on TPM, TCB - TVP, sHype, reference validation
5. HVM-based isolation

We can of course use a TPM-based VM architecture to enhance the security of a 
direct passthrough system. But then how good will this model be compared to a 
std system which uses just an app-specific VM? Meaning, do we really need this 
advanced protection, and if yes, for which apps? Are there scenarios where we 
might need to selectively unlock security and focus on performance, and vice 
versa? And how do we do it for virtual systems?


There are some other fundamental questions like -

1. What is the optimum level of isolation for a given system?
2. How much influence does the virtual architecture have in achieving this 
optimal level, and how much better would it be compared to the phy arch?
3. What is the influence of a particular application - Web, mail, DBMS, E-Comm 
- for a given VM in terms of performance and isolation? App-specific TCB vs 
performance.
4. Has there been any study done so far to quantify the above mentioned classes 
in terms of isolation and performance for app-specific systems?
5. Is there a hybrid approach which we can use to achieve the best of both 
(code + I/O)? If yes, how specific is it wrt a given model?

Performance Analysis metrics focus on - 

1. Throughput (response time) for native VS virtualized env
2. Workload increment affecting resource consumption
3. Values of critical sys metrics VS virtualized overhead
4. Memory usage in terms of L1, L2 and main page faults for native, virtualized 
and passthrough
5. Evaluation of apps based on practical scenarios

Code based protection focuses on -

1. Min TCB - # LOC
2. Policy enforcement using TPM (PCR, service and app code, SML)
3. Secure storage based on classification - keying, attestation

I know I've asked some very generic questions here, so it would be great to 
receive some answers, especially if anyone has done this comparison and analysis. 

Thanks
Sameer

-- 
Be Yourself @ mail.com!
Choose From 200+ Email Addresses
Get a Free Account at www.mail.com


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
