An Architectural Framework for Virtual Trustworthy Systems (A31b)
Security of a virtual platform begins with a “Chain of Trust.” In a trust chain, a suitable trust anchor validates the first software component launched, and each software component then validates the next one until the processing chain is complete. The trust chain extends from firmware boot all the way through run-time execution of applications. This framework describes methods to create and run trustworthy VMs, with containers addressed separately, as the two represent different kinds of virtualization which require different trust mechanisms. This presentation covers methods and technologies to be used across virtual products based on the Linux operating system. Boot, run-time execution, and entropy are included in the discussion.
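The trust chain described above, as an added sketch that is not taken from the presentation: each stage carries a pin (digest) for its successor, and the trust anchor pins the first stage. SHA-256 pinning stands in for whatever validation mechanism the framework actually uses, and the stage names and image bytes are constructed for illustration.

```python
import hashlib
import hmac

def measure(stage):
    """Digest over a stage's code AND the pin it carries for the next stage."""
    h = hashlib.sha256()
    h.update(stage["name"].encode() + b"\0" + stage["code"] + b"\0")
    h.update((stage["next_pin"] or "").encode())
    return h.hexdigest()

def build_chain(images):
    """Build stages back to front so each one embeds its successor's digest.
    Returns (anchor_pin, stages); anchor_pin is the value the trust anchor holds."""
    stages, next_pin = [], None
    for name, code in reversed(images):
        stage = {"name": name, "code": code, "next_pin": next_pin}
        next_pin = measure(stage)
        stages.insert(0, stage)
    return next_pin, stages

def launch(anchor_pin, stages):
    """Walk the chain and stop at the first component that fails validation.
    Returns (names of launched stages, failure reason or None)."""
    launched, expected = [], anchor_pin
    for stage in stages:
        if expected is None:
            return launched, f"{stage['name']}: no pin from previous stage"
        if not hmac.compare_digest(measure(stage), expected):
            return launched, f"{stage['name']}: digest mismatch"
        launched.append(stage["name"])
        expected = stage["next_pin"]
    return launched, None

# Constructed sample images, firmware boot through application run time.
IMAGES = [("firmware", b"fw-v1"), ("bootloader", b"bl-v1"),
          ("kernel", b"linux-v1"), ("application", b"app-v1")]

if __name__ == "__main__":
    anchor, stages = build_chain(IMAGES)
    print(launch(anchor, stages))           # intact chain: all stages launch
    stages[2]["code"] = b"linux-modified"   # change the kernel image
    print(launch(anchor, stages))           # chain halts before the kernel
    stages[1]["next_pin"] = measure(stages[2])  # re-pin inside the bootloader
    print(launch(anchor, stages))           # bootloader itself now fails
```

Because each stage's measurement covers the pin it holds, rewriting a pin to match a modified successor only moves the failure one link closer to the anchor.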