[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH][ACM] kernel enforcement of vbd policies via blkback driver

On Thu, 2006-07-27 at 17:26 +0100, Harry Butterworth wrote:

> untrusted driver domain <-> trusted encryption domain <-> FE-domain
>                            hypervisor
>                    trusted access control domain

Another argument in favour of this kind of approach is that if your BE
is something like a fibrechannel driver for a SAN, there isn't actually
any security on the SAN side of it so any guarantees provided by the
driver domain are pretty much worthless.


Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.