Your SlideShare is downloading. ×
0
Security in the Cloud: 
Xen, KVM, Containers 
Or, Surviving and the Zombie Apocalypse
“Some people make the mistake of thinking of containers as a 
better and faster way of running virtual machines. From a se...
“There's contentions all over the place that containers are not 
actually as secure as hypervisors. This is not really tru...
“Virtual Machines might be more secure today, but containers are 
definitely catching up.” 
–Jerome Petazzoni, Senior Soft...
“You are absolutely deluded, if not stupid, if you think that a 
worldwide collection of software engineers who can't writ...
"Some people make the mistake of thinking of containers as a better and faster 
way of running virtual machines. From a se...
Who am I?
What I’m going to talk about
Security and Risk
Vulnerabilities and Exploits
A vulnerability is a mistake.
Configuration vulnerabilities
Software vulnerabilities
Intel SYSRET
Zombie Apocalypse.
Every window is an opportunity 
to make a mistake
Every element of every interface is 
an opportunity to make a mistake
But does this really matter?
Would this affect a system 
configured reasonably for security?
Xen: Access to HV memory 
>5TiB during migration
Xen: Unsecured PV console 
parameters
Xen: 1 year, 1-4 known 
vulnerabilities
KVM: Escalation in vhost
KVM: PUSHA instruction 
emulation
KVM: vcpu hypercall boundary 
check
KVM: vlapic shared page 
crossing a page boundary
KVM: 1 year, 4 solid 
vulnerabilities
qemu: VMWare emulated device
qemu: virtio-net mac address 
update
qemu: 1 year, 2 known 
vulnerabilities
Linux: ping
Linux: tty race condition
Linux: ptrace and SYSRET
Linux: AIO, arbitrary read of 
kernel memory
Linux: Futex not checking if two 
pointers were different (2)
Linux: AMD math coprocessor
Linux: 2 months, 6 vulnerabilities
Hypervisors: 
Low (but not zero) risk
General-purpose containers: 
Not so good
Application-specific containers 
+ seccomp2?
Questions?
LCNA14: Security in the Cloud: Containers, KVM, and Xen - George Dunlap, Citrix Systems UK Ltd
LCNA14: Security in the Cloud: Containers, KVM, and Xen - George Dunlap, Citrix Systems UK Ltd
LCNA14: Security in the Cloud: Containers, KVM, and Xen - George Dunlap, Citrix Systems UK Ltd
LCNA14: Security in the Cloud: Containers, KVM, and Xen - George Dunlap, Citrix Systems UK Ltd
LCNA14: Security in the Cloud: Containers, KVM, and Xen - George Dunlap, Citrix Systems UK Ltd
LCNA14: Security in the Cloud: Containers, KVM, and Xen - George Dunlap, Citrix Systems UK Ltd
LCNA14: Security in the Cloud: Containers, KVM, and Xen - George Dunlap, Citrix Systems UK Ltd
LCNA14: Security in the Cloud: Containers, KVM, and Xen - George Dunlap, Citrix Systems UK Ltd
LCNA14: Security in the Cloud: Containers, KVM, and Xen - George Dunlap, Citrix Systems UK Ltd
Upcoming SlideShare
Loading in...5
×

LCNA14: Security in the Cloud: Containers, KVM, and Xen - George Dunlap, Citrix Systems UK Ltd

869

Published on

In our interconnected world of mobile and cloud computing, particularly with the rise of governmental spying, corporate espionage, and theft of data by organized crime syndicates, security is more important than ever. Many claims are being made about the security of open-source cloud technologies: How can administrators, users, and developers separate fact from fiction?

This talk will equip the audience with the principles needed to evaluate security claims. We will talk the nature of risk, of vulnerabilities and exploits; the various factors that reduce the risk of vulnerabilities in software; and about TCB, threat models, and defense-in-depth.

We will then apply these principles to three open-source cloud technologies: containers, KVM, and Xen, to see how they stack up. These will be backed up with numbers: lines of code, security advisories, entry points, and so on.

Published in: Internet, Technology
0 Comments
7 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
869
On Slideshare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
23
Comments
0
Likes
7
Embeds 0
No embeds

No notes for slide

Transcript of "LCNA14: Security in the Cloud: Containers, KVM, and Xen - George Dunlap, Citrix Systems UK Ltd"

  1. 1. Security in the Cloud: Xen, KVM, Containers Or, Surviving and the Zombie Apocalypse
  2. 2. “Some people make the mistake of thinking of containers as a better and faster way of running virtual machines. From a security point of view, containers are much weaker.” –Dan Walsh (Mr. SELinux)
  3. 3. “There's contentions all over the place that containers are not actually as secure as hypervisors. This is not really true. Parallels and Virtuozo, we've been running secure containers for at least 10 years.” –James Bottomley, Linux Maintainer and Parallels CTO
  4. 4. “Virtual Machines might be more secure today, but containers are definitely catching up.” –Jerome Petazzoni, Senior Software Engineer at Docker
  5. 5. “You are absolutely deluded, if not stupid, if you think that a worldwide collection of software engineers who can't write operating systems or applications without security holes, can then turn around and suddenly write virtualization layers without security holes.” –Theo de Raadt, OpenBSD project lead
  6. 6. "Some people make the mistake of thinking of containers as a better and faster way of running virtual machines. From a security point of view, containers are much weaker." -Dan Walsh "There's contentions all over the place that containers are not actually as secure as hypervisors. This is not really true. Parallels and Virtuozo, we've been running secure containers for at least 10 years.” -James Bottomley "Virtual Machines might be more secure today, but containers are definitely catching up." -Jerome Petazzoni "You are absolutely deluded, if not stupid, if you think that a worldwide collection of software engineers who can't write operating systems or applications without security holes, can then turn around and suddenly write virtualization layers without security holes." -Theo de Raadt
  7. 7. Who am I?
  8. 8. What I’m going to talk about
  9. 9. Security and Risk
  10. 10. Vulnerabilities and Exploits
  11. 11. A vulnerability is a mistake.
  12. 12. Configuration vulnerabilities
  13. 13. Software vulnerabilities
  14. 14. Intel SYSRET
  15. 15. Zombie Apocalypse.
  16. 16. Every window is an opportunity to make a mistake
  17. 17. Every element of every interface is an opportunity to make a mistake
  18. 18. But does this really matter?
  19. 19. Would this affect a system configured reasonably for security?
  20. 20. Xen: Access to HV memory >5TiB during migration
  21. 21. Xen: Unsecured PV console parameters
  22. 22. Xen: 1 year, 1-4 known vulnerabilities
  23. 23. KVM: Escalation in vhost
  24. 24. KVM: PUSHA instruction emulation
  25. 25. KVM: vcpu hypercall boundary check
  26. 26. KVM: vlapic shared page crossing a page boundary
  27. 27. KVM: 1 year, 4 solid vulnerabilities
  28. 28. qemu: VMWare emulated device
  29. 29. qemu: virtio-net mac address update
  30. 30. qemu: 1 year, 2 known vulnerabilities
  31. 31. Linux: ping
  32. 32. Linux: tty race condition
  33. 33. Linux: ptrace and SYSRET
  34. 34. Linux: AIO, arbitrary read of kernel memory
  35. 35. Linux: Futex not checking if two pointers were different (2)
  36. 36. Linux: AMD math coprocessor
  37. 37. Linux: 2 months, 6 vulnerabilities
  38. 38. Hypervisors: Low (but not zero) risk
  39. 39. General-purpose containers: Not so good
  40. 40. Application-specific containers + seccomp2?
  41. 41. Questions?
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×