Date October 31, 2016
Speaker Haibo Chen
Shanghai Jiao Tong University
Title Virtualization Security: The Good, The Bad and The Ugly
Abstract The resurgence of virtualization has stimulated its wide adoption in desktop, cloud and mobile environments. With virtualization being a new systems software foundation, virtual machine monitors (or hypervisors) are now treated as the security foundation of the system software stack, due to the promise of being small and providing strict security isolation. In this talk, I will first question whether such a promise still holds in commodity hypervisors by reviewing the historical evolution of virtualization. Based on a negative answer, I will discuss a series of efforts to enhance the security isolation while minimizing the trusted computing base of the virtualization stack, including leveraging a commodity hypervisor to isolate a group of processes, using a nested hypervisor to transparently isolate virtual machines and completely offloading isolation functionalities into the on-chip CPU. Finally, I will also describe a set of new security innovations enabled by virtualization, such as live updating, security introspection and fine-grained compartmentalization.
Bio Haibo Chen is a Professor at the School of Software, Shanghai Jiao Tong University, where he founded and currently leads the Institute of Parallel and Distributed Systems (IPADS) http://ipads.se.sjtu.edu.cn. Haibo's main research interests are building scalable and dependable systems software by leveraging cross-layering approaches spanning computer hardware, system virtualization and operating systems. He received best paper awards from ICPP, APSys and EuroSys and a best paper nomination from HPCA, and has published intensively at top conferences like SOSP/OSDI/EuroSys/Usenix ATC/ISCA/MICRO/HPCA/FAST/Usenix Security/CCS. He also received the Young Computer Scientist Award from the China Computer Federation, the distinguished Ph.D. thesis award from the China Ministry of Education and the National Youth Top-notch Talent Support Program of China, as well as faculty research awards/fellowships from NetApp, Google, IBM and MSRA. He is currently the steering committee co-chair of ACM APSys and the general co-chair of SOSP 2017, serves on the program committees of ASPLOS 2017, Oakland 2017, EuroSys 2017 and FAST 2017, and is also on the editorial board of ACM Transactions on Storage.
Resources