xense-devel

[Xense-devel] questions about isolation model and GVTPM

To: <xense-devel@xxxxxxxxxxxxxxxxxxx>
Subject: [Xense-devel] questions about isolation model and GVTPM
From: <jackyhuangq@xxxxxxxx>
Date: Tue, 25 Apr 2006 22:40:38 +0800 (CST)
Hi guys,

I am interested in virtualization and TCPA. I want to do some research on the Xen platform to present a more trusted VMM. I think the key points are isolation and integrity.

With isolation, I want to use an uninterference policy to confine the communication between Xen and domains with device channel. That is to say, map the formal model to Xen. I think the MAC mechanism now also does some isolation; the channel-control analysis with a formal model is another way, especially used for confining the TCB where access control can do nothing. By the way, I think critical applications are also a part of the TCB.

And from Reiner, I see Xen is not an isolation VMM, or separation VMM. But I think formal analysis can benefit confinement of Xen's I/O device.

With integrity, I want to examine the GVTPM architecture and do something based on it.

My questions are: is the isolation provided by Xen for domains strong enough from your developers' view? Is there anybody who can help me learn more about GVTPM, other than a .ppt document? Something like what the function of the "shared memory TPM driver" in the code is? Is it a backend driver? Or what is the opinion of TCG about GVTPM?

I am already much inspired by your help on the mailing list. Hope I can do something for the community. Thanks!

Yours Huang
