WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
 
   
 

xense-devel

[Xense-devel] questions about isolation model and GVTPM

To: <xense-devel@xxxxxxxxxxxxxxxxxxx>
Subject: [Xense-devel] questions about isolation model and GVTPM
From: <jackyhuangq@xxxxxxxx>
Date: Tue, 25 Apr 2006 22:40:38 +0800 (CST)
Delivery-date: Tue, 25 Apr 2006 07:40:51 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xense-devel-request@lists.xensource.com?subject=help>
List-id: "A discussion list for those developing security enhancements for Xen." <xense-devel.lists.xensource.com>
List-post: <mailto:xense-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xense-devel>, <mailto:xense-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xense-devel>, <mailto:xense-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xense-devel-bounces@xxxxxxxxxxxxxxxxxxx
Hi guys,

I am interested in virtualization and TCPA. I want to do some research on the Xen platform to present a more trusted VMM. I think the key points are isolation and integrity.

With isolation, I want to use a non-interference policy to confine the communication between Xen and domains with the device channel. That is to say, map the formal model to Xen. I think the MAC mechanism now also does some isolation; the channel-control analysis with a formal model is another way, especially used for confining the TCB where access control can do nothing. By the way, I think critical applications are also a part of the TCB.

And from Reiner, I see Xen is not an isolation VMM, or separation VMM. But I think formal analysis can benefit the confinement of Xen's I/O device.

With integrity, I want to examine the GVTPM architecture and do something based on it.

My questions are: is the isolation provided by Xen for domains strong enough from your developers' view? Is there anybody who can help me learn more about GVTPM, other than a .ppt document? Something like: what is the function of the "shared memory TPM driver" in the code? Is it a backend driver? Or what is the opinion of TCG about GVTPM?

I am already much inspired by your help on the mailing list. I hope I can do something for the community. Thanks!

Yours Huang

_______________________________________________
Xense-devel mailing list
Xense-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xense-devel