October 31 - November 1 | Lyon, France
View More Details  & Register Here
Friday, November 1 • 14:20 - 15:05
Upcoming x86 Technologies for Malicious Hypervisor Protection - David Kaplan, AMD

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
This talk will introduce AMD SEV-SNP (Secure Nested Paging), the next generation of AMD’s x86 virtualization isolation technology. Building upon the existing AMD SEV and AMD SEV-ES features released in 2017, SEV-SNP provides additional hardware security that is designed to protect VMs from malicious hypervisors. SEV-SNP adds new memory integrity protection, new use models, and more flexibility in attestation and VM management when working with protected VMs in hostile environments.

This talk will delve into the specific security that is provided by the SEV-SNP architecture, the stronger threat model that it supports, and the new hardware structures and x86 instructions being added to implement these protections. Finally, this talk will discuss the impacts of these changes to the open source ecosystem and identify areas where Linux may desire to take advantage of these new protections.

avatar for David Kaplan

David Kaplan

Security Architect, AMD
David Kaplan is a Fellow at AMD who focuses on developing new security technologies across the AMD product line as part of the Security Architecture Research and Development center. He is the lead architect for the AMD memory encryption features and has worked on both CPU and SOC... Read More →

Friday November 1, 2019 14:20 - 15:05
Forum 1