[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] Isolation VS Performance



Hello all,

Pardon my ignorance, but it seems to me that there have been numerous 
approaches when it comes to managing isolation of Xen based architectures - 
most of them focused on performance isolation - Deshane et al have done some 
work to test and measure these levels. However I wanted to know if there has 
been any work to specifically categorize and quantify the isolation approaches. 
Like right now the following models of isolation come to my mind.

1. Code based Isolation by classification - Overshadow, Hardware Enforcement of 
Application Security
2. Dom 0 disaggregation - Boxing with IOMMU, Sandboxing  
3. I/O based isolation - Netchannel 2, SV-IO, Direct n Virtual Passthrough, 
By-pass using Infiband, SR-IOV   
4. Isolation based on TPM, TCB - TVP, sHype, ref validation
5. HVM based Isolation

We can of course use a TPM based VM architecture to enhance the  security of a 
direct passthrough system. But then how good will this model be compared to a 
std system which uses just an App specific VM ? Meaning do we really need this 
advanced protection, if Yes for which apps ? Are there scenarios where we might 
need to selectively unlock security and focus on performance n vice-versa ? and 
how do we do it for virtual systems ? 


There are some other fundamental questions like -

1. What is the optimum level of isolation for a given system ?
2. How much influence does the Virtual architecture play to achieve this 
optimal level and how much better would it be compared to the phy arch ?
3. What is the influence of a particular Application - Web, mail, DBMS, E-Comm 
for a given VM in terms of performance and isolation ? App specific TCB vs 
performance
4. Has there been any study done so far to quantify the above mentioned classes 
in terms of isolation and performance  for App specific systems ?
5. Is there a Hybrid approach which we can use to achieve the best of both 
(code + I/O) ? If yes, how specific is it wrt a given model ? 

Performance Analysis metrics focus on - 

1. Throughput (response time) for native VS virtualized env
2. Workload increment affecting resource consumption
3. Values of critical sys metrics VS virtualized overhead
4. Memory usage in terms of L1, L2 and main page faults for native, virtualized 
and passthrough
5. Evaluation of apps based on practical scenarios

Code based protection focuses on -

1. Min TCB - # LOC
2. Policy enforcement using TPM (PCR, service and app code, SML)
3. Secure storage based on classification - keying, attestation

I know I've asked some very generic questions here, so it would be great to 
receive some answers esp if anyone has done this comparison and analysis. 

Thanks
Sameer

-- 
Be Yourself @ mail.com!
Choose From 200+ Email Addresses
Get a Free Account at www.mail.com


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.