|
|
|
|
|
|
|
|
|
|
xense-devel
Re: [Xen-devel] [PATCH][ACM] kernel enforcement of vbd policies via blkb
Harry Butterworth <harry@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
wrote on 07/27/2006 12:36:43 PM:
> On Thu, 2006-07-27 at 17:26 +0100, Harry Butterworth wrote:
>
> > untrusted driver domain <-> trusted encryption domain <->
FE-domain
> >
hypervisor
> >
trusted access control domain
>
> Another argument in favour of this kind of approach is that if your
BE
> is something like a fibrechannel driver for a SAN, there isn't actually
> any security on the SAN side of it so any guarantees provided by the
> driver domain are pretty much worthless.
>
> Harry.
>
We are talking about scalable, secure, and efficient
local device virtualization.
The argumentation for network devices is very different
and also interesting. There is a whole new discussion about how to establish
trust into remote parties.
Reiner_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|
|
|
|
|