Kicking it up a Level: Bringing the Trusted Platform Module into qemu
This proposal has been accepted as a session.
One Line Summary
The Design and Implementation of a virtual Trusted Platform Module in qemu
Abstract
Most servers now ship with a Trusted Platform Module (TPM). Virtualizing this device is one of the last remaining barriers to adoption of qemu virtualization for security-conscious customers. The vTPM device will be a significant tool that can be used, among other things, to verify that the Trusted Computing Base (TCB) of a guest has not been tampered with. Used in conjunction with a host TPM, it can also verify that the hypervisor has not been tampered with. Combine this with remote attestation, and cloud users will be able to remotely verify that the TCB of both their guests and the host has not been maliciously altered by malware or other means.
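The abstract describes a two-layer chain: the host TPM vouches for the hypervisor, the guest's vTPM vouches for the guest TCB, and a remote verifier checks both. The following model, added here as an illustration and not code from qemu or the vTPM work, walks that chain end to end: PCR extend of each boot component, a nonce-bound quote from each TPM, and a verifier that checks the host layer before trusting the guest layer. It assumes a single SHA-1 PCR bank (the abstract names no TPM version) and uses an HMAC keyed with a per-TPM secret the verifier already knows as a stand-in for the signature a real TPM makes with its attestation key; all component names and keys are constructed sample data.

```python
"""Two-layer measured boot and remote attestation, modelled end to end.
Added illustration, not qemu/vTPM code. Assumptions: SHA-1 PCR bank, and
an HMAC with a verifier-known per-TPM key standing in for the TPM's
attestation-key signature. Component names and keys are constructed."""
import hashlib
import hmac
import os

HASH = hashlib.sha1              # assumption: a single SHA-1 PCR bank
PCR_LEN = HASH().digest_size     # 20 bytes


def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """Standard TPM extend: PCR_new = H(PCR_old || H(measurement))."""
    return HASH(pcr + HASH(measurement).digest()).digest()


def expected_pcr(images) -> bytes:
    """Golden PCR the verifier derives from known-good component images."""
    pcr = bytes(PCR_LEN)          # PCRs are all-zero at power-on
    for image in images:
        pcr = pcr_extend(pcr, image)
    return pcr


class ModelTPM:
    """One TPM: the host's hardware TPM, or a guest's vTPM inside qemu."""

    def __init__(self, quote_key: bytes):
        self.pcr = bytes(PCR_LEN)
        self._key = quote_key     # stand-in for the TPM-held attestation key

    def extend(self, measurement: bytes) -> None:
        self.pcr = pcr_extend(self.pcr, measurement)

    def quote(self, nonce: bytes):
        """Return (pcr, tag); the tag binds this PCR value to the verifier's nonce."""
        tag = hmac.new(self._key, nonce + self.pcr, hashlib.sha256).digest()
        return self.pcr, tag


def verify_quote(key: bytes, nonce: bytes, quote, golden: bytes) -> bool:
    """Accept only a fresh (nonce-bound) quote whose PCR equals the golden value."""
    pcr, tag = quote
    want = hmac.new(key, nonce + pcr, hashlib.sha256).digest()
    return hmac.compare_digest(tag, want) and hmac.compare_digest(pcr, golden)


def attest_stack(host, guest, keys, golden_host, golden_guest, nonce) -> str:
    """Check the hypervisor TCB first, then the guest TCB.

    A tampered host could present a forged vTPM to the guest, so the guest's
    quote only means something once the host layer has been verified.
    Returns "ok", or the name of the first layer that fails.
    """
    if not verify_quote(keys["host"], nonce, host.quote(nonce), golden_host):
        return "host"
    if not verify_quote(keys["guest"], nonce, guest.quote(nonce), golden_guest):
        return "guest"
    return "ok"


# Constructed sample TCBs: what each layer measures while booting.
HOST_TCB = [b"firmware", b"grub", b"vmlinuz-host", b"qemu-kvm"]
GUEST_TCB = [b"seabios", b"grub", b"vmlinuz-guest", b"initrd"]
KEYS = {"host": b"host-quote-key", "guest": b"guest-quote-key"}  # constructed


def boot_stack(tamper_host=False, tamper_guest=False):
    """Boot host then guest, measuring each component into its own TPM."""
    host = ModelTPM(KEYS["host"])
    for image in HOST_TCB:
        if tamper_host and image == b"qemu-kvm":
            image = b"qemu-kvm+backdoor"      # modified hypervisor binary
        host.extend(image)
    guest = ModelTPM(KEYS["guest"])
    for image in GUEST_TCB:
        if tamper_guest and image == b"vmlinuz-guest":
            image = b"vmlinuz-guest+rootkit"  # modified guest kernel
        guest.extend(image)
    return host, guest


def run_scenario(tamper_host=False, tamper_guest=False) -> str:
    host, guest = boot_stack(tamper_host, tamper_guest)
    nonce = os.urandom(20)                    # fresh per attestation request
    return attest_stack(host, guest, KEYS,
                        expected_pcr(HOST_TCB), expected_pcr(GUEST_TCB), nonce)


def replay_rejected() -> bool:
    """A quote captured for an old nonce must not satisfy a new challenge."""
    host, _ = boot_stack()
    stale = host.quote(b"\x01" * 20)
    return not verify_quote(KEYS["host"], b"\x02" * 20, stale, expected_pcr(HOST_TCB))


if __name__ == "__main__":
    for th, tg in [(False, False), (True, False), (False, True)]:
        print(f"host tampered={th} guest tampered={tg}: {run_scenario(th, tg)}")
    print("replay rejected:", replay_rejected())
```

The order in `attest_stack` is the point the abstract makes about using the vTPM "in conjunction with a host TPM": a guest quote is only as trustworthy as the layer that implements the vTPM, so the verifier establishes the host's integrity first and reports the lowest failing layer.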
Tags
virtualization, qemu, kvm, security, TPM
Speaker
Joel Schopp
IBM
Biography
Joel Schopp has been hacking on Linux for a decade. In that time he has worked on the kernel, libraries, and even userspace applications. Joel's range of experience is broad and includes hotplug, virtualization, embedded systems, several of the world's fastest supercomputers, hardware bring-up, vector processing, and security. Joel is currently focused on virtualization security in Linux using KVM/qemu.
Sessions
- Title: Kicking it up a Level: Bringing the Trusted Platform Module into qemu
- Microconference: Virtualization
- Speakers: Joel Schopp