 Home |
About Xen.org |
Xen |
Xen Summit |
Wiki |
Mailing List |
Bug Tracker |
Xen Downloads |
xense-devel
Re: [Xense-devel] ACM doesnt scale
| To: | Reiner Sailer <sailer@xxxxxxxxxx> |
|---|---|
| Subject: | Re: [Xense-devel] ACM doesnt scale |
| From: | aq <aquynh@xxxxxxxxx> |
| Date: | Sat, 25 Jun 2005 00:34:31 +0900 |
| Cc: | xense-devel@xxxxxxxxxxxxxxxxxxx |
| Delivery-date: | Fri, 24 Jun 2005 15:33:18 +0000 |
| Domainkey-signature: | a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=HLxmXYACXTa0D3zE/4zn/biy42i/K0jNxFIGxdG88rWdvfOJRLUaSXuFcZtHLKCnQv8P0DY8vZpgLjzsKMBFcQujJlUyHR6N5TLCBotYULjW16I8Udb7shxI/3uwzX4ePwgaAI30vIEERnh22Qoqt8V+zPb+hRRceifHn0q1XbM= |
| Envelope-to: | www-data@xxxxxxxxxxxxxxxxxxx |
| In-reply-to: | <OFAC9BA6E2.BEF8D355-ON8525702A.00088F44-8525702A.0009C50D@xxxxxxxxxx> |
| List-help: | <mailto:xense-devel-request@lists.xensource.com?subject=help> |
| List-id: | "A discussion list for those developing security enhancements for Xen." <xense-devel.lists.xensource.com> |
| List-post: | <mailto:xense-devel@lists.xensource.com> |
| List-subscribe: | <http://lists.xensource.com/cgi-bin/mailman/listinfo/xense-devel>, <mailto:xense-devel-request@lists.xensource.com?subject=subscribe> |
| List-unsubscribe: | <http://lists.xensource.com/cgi-bin/mailman/listinfo/xense-devel>, <mailto:xense-devel-request@lists.xensource.com?subject=unsubscribe> |
| References: | <9cde8bff05062318192325acdf@xxxxxxxxxxxxxx> <OFAC9BA6E2.BEF8D355-ON8525702A.00088F44-8525702A.0009C50D@xxxxxxxxxx> |
| Reply-to: | aq <aquynh@xxxxxxxxx> |
| Sender: | xense-devel-bounces@xxxxxxxxxxxxxxxxxxx |
On 6/24/05, Reiner Sailer <sailer@xxxxxxxxxx> wrote: > xense-devel-bounces@xxxxxxxxxxxxxxxxxxx wrote on 06/23/2005 09:19:16 PM: > > > On 6/23/05, Steven Hand <Steven.Hand@xxxxxxxxxxxx> wrote: > > > > > > >at the moment, ACM supports only 2 models, and the code doesnt scale > > > >enough (at all) to support more models in the future? any plan to fix > > > >that? > > > > > > Yes - the current ACM code is a proof of concept derived from the > > > IBM sHype code. The model at present is that two policies (a primary > > > and secondary) will be in place at any time, although it is intended > > > that the selection of these will be more dynamic in the future. It's > > > not yet clear if extending this will be required, but we're certainly > > > aware of the structure and limitations of the current code. > > > > > > > also the way security models are integrated into ACM doesnt scale, > either. > > Could you plesae be a little more specific about the "scaling"? What is > your > application of the ACM module that determines there's a "scaling" problem? > at the moment, all the security models (chinesewall (A) and ste (B)) are hard-coded, and we have 3 combinations of models (not count NULL policy): A, B and A_AND_B. i guess that there are more models to come in the future, suppose 3: C, D, E. so we will have much more combinations. and obviously the current organization of code in ACM doesnt scale to that change. regards, aq _______________________________________________ Xense-devel mailing list Xense-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xense-devel |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | [Xen-devel] [PATCH] choose security model for ACM at built-time, aq |
|---|---|
| Next by Date: | [Xen-devel] Re: [PATCH] choose security model for ACM at built-time, Keir Fraser |
| Previous by Thread: | Re: [Xense-devel] ACM doesnt scale, Reiner Sailer |
| Next by Thread: | Re: [Xense-devel] ACM doesnt scale, Ronald Perez |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
xen.org, 