WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xense-devel

Re: [Xense-devel] ACM doesnt scale

To: aq <aquynh@xxxxxxxxx>
Subject: Re: [Xense-devel] ACM doesnt scale
From: Ronald Perez <ronpz@xxxxxxxxxx>
Date: Fri, 24 Jun 2005 13:58:06 -0400
Cc: xense-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Fri, 24 Jun 2005 17:57:09 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <9cde8bff05062408341b43394b@xxxxxxxxxxxxxx>
List-help: <mailto:xense-devel-request@lists.xensource.com?subject=help>
List-id: "A discussion list for those developing security enhancements for Xen." <xense-devel.lists.xensource.com>
List-post: <mailto:xense-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xense-devel>, <mailto:xense-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xense-devel>, <mailto:xense-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xense-devel-bounces@xxxxxxxxxxxxxxxxxxx

xense-devel-bounces@xxxxxxxxxxxxxxxxxxx wrote on 06/24/2005 11:34:31 AM:

> On 6/24/05, Reiner Sailer <sailer@xxxxxxxxxx> wrote:
> > xense-devel-bounces@xxxxxxxxxxxxxxxxxxx wrote on 06/23/2005 09:19:16 PM:
> >
> > > On 6/23/05, Steven Hand <Steven.Hand@xxxxxxxxxxxx> wrote:
> > > >
> > > > >at the moment, ACM supports only 2 models, and the code doesnt scale
> > > > >enough (at all) to support more models in the future? any plan to fix
> > > > >that?
> > > >
> > > > Yes - the current ACM code is a proof of concept derived from the
> > > > IBM sHype code. The model at present is that two policies (a primary
> > > > and secondary) will be in place at any time, although it is intended
> > > > that the selection of these will be more dynamic in the future. It's
> > > > not yet clear if extending this will be required, but we're certainly
> > > > aware of the structure and limitations of the current code.
> > > >
> > >
> > > also the way security models are integrated into ACM doesnt scale,
> > either.
> >
> > Could you plesae be a little more specific about the "scaling"?  What is
> > your
> > application of the ACM module that determines there's a "scaling" problem?
> >
>
> at the moment, all the security models (chinesewall (A) and ste (B))
> are hard-coded, and we have 3 combinations of models (not count NULL
> policy): A, B and A_AND_B.
>
> i guess that there are more models to come in the future, suppose 3:
> C, D, E. so we will have much more combinations. and obviously the
> current organization of code in ACM doesnt scale to that change.
>


I'm not sure I would call that a scaling issue, but I understand your point. Obviously we realize the limits of the current implementation, and that there could indeed be many more reasonable and meaningful security policies in the future. Whether three or more would need to be active concurrently is an issue that is probably best discussed in the context of these other policies. Perhaps you have some thoughts on additional policies that would benefit from coexistence with the current (or other) set of policies?

Generally, I tend to agree with Steven, Keir and Rolf that there are more pressing issues to focus on in this space.

> regards,
> aq
>


-Ron
_______________________________________________
Xense-devel mailing list
Xense-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xense-devel