VMSec'09 (2nd Workshop on Virtual Machine Security)
Oct 7, 2009 From: k.suzaki@a...
Oct 7, 2009 From: sakaia@j...
須崎さん
ACM CCSのこの論文も興味深いです。
Hey, You, Get Off of My Cloud:
Exploring Information Leakage in
Third-Party Compute Clouds
http://cseweb.ucsd.edu/~hovav/dist/cloudsec.pdf
セキュリティという観点もありますが
Amazon AWSについてよく分かる...
論文のタイトル自体は、ローリングストーンの歌のタイトルを使ったみたいですが...
http://en.wikipedia.org/wiki/Get_Off_of_My_Cloud
ついでにこの資料を読むと良いかも
http://cloudscaling.com/blog/cloud-computing/amazons-ec2-generating-220m-annually
以上
酒井
Kuniyasu Suzaki <k.suzaki@a...> wrote:
須崎です。 VMSec'09 (Nov/9 Chicago)のプログラムが出ていますね。今回の方が面白そうです。 http://csis.gmu.edu/VMSec09/program.html
また、同時開催の SecuCode'09 (Workshop on Secure Execution of Untrusted Code)で発表される A Formal Model for Virtual Machine Introspection Jonas Pfoh, Christian Schneider, and Claudia Eckert http://www.docomoeurolabs.de/secucode/program.html も興味があります。 SOSP'09 & ICFP'09 で発表されるカーネルの formal verification を行なった SeL4 など formal verification が浸透してきているようです。
Keynote (9:15am - 10:30am) Wolfram Schulte, Microsoft Research From Dependable Multi-user Operating Systems to Dependable Multi-application Operating Systems
Session 1: Recovery & Introspection (11:00am - 12:30pm)
A Formal Model for Virtual Machine Introspection Jonas Pfoh, Christian Schneider, and Claudia Eckert
Emulating Emulation-Resistant Malware Min Gyung Kang, Heng Yin, Steve Hanna, Stephen McCamant, and Dawn Song
TimeCapsule: Secure Recording of Accesses to a Protected Datastore Srinivas Krishnan and Fabian Monrose
Session 2: Software Security (2:00pm - 3:30pm)
Browser protection against Cross-Site Request Forgery Wim Maes, Thomas Heyman, Lieven Desmet, and Wouter Joosen
Hardware-enforced Fine-grained Isolation of Untrusted Code Eugen Leontie, Gedare Bloom, Bhagirath Narahari, Rahul Simha, and Joseph Zambreno
Defending Embedded Systems Against Control Flow Attacks Aurelien Francillon, Daniele Perito, and Claude Castelluccia
Session 3: (Position Papers) Hot Topics in Security Virtualization (4:00pm - 5:30pm)
The Cake is a Lie: Privilege Rings as a Policy Resource Sergey Bratus, Peter C. Johnson, Michael E. Locasto, Ashwin Ramaswamy, and Sean W. Smith
Application Containers without Virtual Machines Shengzhi Zhang, Xi Xiong, Xiaoqi Jia, and Peng Liu
Availability-sensitive Intrusion Recovery Micah Sherr and Matt Blaze
suzaki
Oct 7, 2009 From: k.suzaki@a...
酒井さん、
須崎です。CCSの論文も11月に発表されるものですね。誰か行かないかな。
Cross-VM Side-channel Attack は流行りそうな用語ですね。
suzaki
>>From: Atsushi SAKAI <sakaia@j...> >>Subject: [vimpl:133] Re: VMSec'09 (2nd Workshop on Virtual Machine Security) >> >>須崎さん >> >>ACM CCSのこの論文も興味深いです。 >>Hey, You, Get Off of My Cloud: >>Exploring Information Leakage in >>Third-Party Compute Clouds >>http://cseweb.ucsd.edu/~hovav/dist/cloudsec.pdf >> >>セキュリティという観点もありますが >>Amazon AWSについてよく分かる... >> >>論文のタイトル自体は、ローリングストーンの歌のタイトルを使ったみたいですが... >>http://en.wikipedia.org/wiki/Get_Off_of_My_Cloud >> >>ついでにこの資料を読むと良いかも >>http://cloudscaling.com/blog/cloud-computing/amazons-ec2-generating-220m-annually >> >>以上 >> >>酒井 >> >> >>Kuniyasu Suzaki <k.suzaki@a...> wrote: >> >>> >>> 須崎です。 >>> VMSec'09 (Nov/9 Chicago)のプログラムが出ていますね。今回の方が面白そうです。 >>> http://csis.gmu.edu/VMSec09/program.html >>> >>> また、同時開催の SecuCode'09 (Workshop on Secure Execution of >>> Untrusted Code)で発表される >>> A Formal Model for Virtual Machine Introspection >>> Jonas Pfoh, Christian Schneider, and Claudia Eckert >>> http://www.docomoeurolabs.de/secucode/program.html >>> も興味があります。 >>> SOSP'09 & ICFP'09 で発表されるカーネルの formal verification を行なった >>> SeL4 など formal verification が浸透してきているようです。 >>> >>> ============================================================================== >>> Keynote (9:15am - 10:30am) Wolfram Schulte, Microsoft Research >>> From Dependable Multi-user Operating Systems to Dependable Multi-application >>> Operating Systems >>> >>> Session 1: Recovery & Introspection (11:00am - 12:30pm) >>> >>> A Formal Model for Virtual Machine Introspection >>> Jonas Pfoh, Christian Schneider, and Claudia Eckert >>> >>> Emulating Emulation-Resistant Malware >>> Min Gyung Kang, Heng Yin, Steve Hanna, Stephen McCamant, and Dawn Song >>> >>> TimeCapsule: Secure Recording of Accesses to a Protected Datastore >>> Srinivas Krishnan and Fabian Monrose >>> >>> Session 2: Software Security (2:00pm - 3:30pm) >>> >>> Browser protection against Cross-Site Request Forgery >>> Wim Maes, Thomas Heyman, Lieven Desmet, and Wouter Joosen >>> >>> Hardware-enforced Fine-grained Isolation of Untrusted Code >>> Eugen Leontie, Gedare Bloom, Bhagirath Narahari, Rahul Simha, and Joseph Zambreno >>> >>> Defending Embedded Systems Against Control Flow Attacks >>> Aurelien Francillon, Daniele Perito, and Claude Castelluccia >>> >>> Session 3: (Position Papers) Hot Topics in Security Virtualization (4:00pm - 5:30pm) >>> >>> The Cake is a Lie: Privilege Rings as a Policy Resource >>> Sergey Bratus, Peter C. Johnson, Michael E. Locasto, Ashwin Ramaswamy, >>> and Sean W. Smith >>> >>> Application Containers without Virtual Machines >>> Shengzhi Zhang, Xi Xiong, Xiaoqi Jia, and Peng Liu >>> >>> Availability-sensitive Intrusion Recovery >>> Micah Sherr and Matt Blaze >>> ============================================================================== >>> ------ >>> suzaki >> >> >> >>-- >>archive-> http://qwik.atdot.net/vimpl/79.html >>ML-> vimpl@q... >>