Max-Planck-Institut für Informatik
max planck institut
mpii logo Minerva of the Max Planck Society

MPI-INF or MPI-SWS or Local Campus Event Calendar

<< Previous Entry Next Entry >> New Event Entry Edit this Entry Login to DB (to update, delete)
What and Who
Title:Virtualization Security: The Good, The Bad and The Ugly
Speaker:Haibo Chen
coming from:Huawei
Speakers Bio:Haibo Chen is a Professor at the School of Software, Shanghai Jiao Tong University, where he co-founds and leads the Institute of Parallel and Distributed Systems (IPADS) ( He currently also serves as Huawei's Chief Scientist for OS and directs the OS Kernel Lab. Haibo's main research interests are building scalable and dependable systems software, by leveraging cross-layering approaches spanning computer hardware, system virtualization and operating systems. He is currently the steering committee co-chair of ACM APSys and Chair of ACM ChinaSys, serves on program committees of IEEE S&P 2019, CCS 2019, Usenix ATC 2019 and SOSP 2019 and the editorial board of ACM Transactions on Storage.
Event Type:Colloquium Lecture
Visibility:D1, D2, D3, INET, D4, D5, SWS, RG1, MMCI
We use this to send out email in the morning.
Level:MPI Audience
Date, Time and Location
Date:Tuesday, 15 January 2019
Duration:60 Minutes
Building:E1 5
The resurgence of virtualization has stimulated its wide adoption in desktop, cloud and mobile environments. With virtualization being a new systems software foundation, virtual machine monitors (or hypervisors) are now treated as the security foundation of the system software stack, due to the promise of being small and providing strict security isolation. In this talk, I will first question whether such a promise still holds in commodity hypervisors by reviewing the historical evolution of virtualization. Based on a negative answer, I will discuss a series of efforts to enhancing the security isolation while minimizing the trusted computing based of the virtualization stack, including leveraging a commodity hypervisor to isolate a group of process, using a nested hypervisor to transparently isolate virtual machines and completely offloading isolation functionalities into on-chip CPU. Finally, I will also describe a set of new security innovation enabled by virtualization, such as live updating, security introspection and fine-grained compartmentalization.
Name(s):Gretchen Gravelle
EMail:--email address not disclosed on the web
Video Broadcast
Video Broadcast:YesTo Location:Kaiserslautern
To Building:G26To Room:111
Meeting ID:
Tags, Category, Keywords and additional notes
Attachments, File(s):
Gretchen Gravelle/MPI-SWS, 01/08/2019 01:12 PM
Last modified:
Uwe Brahm/MPII/DE, 01/15/2019 07:01 AM
  • Gretchen Gravelle, 01/08/2019 01:16 PM -- Created document.