Trusted computing applied in Open Power Linux



Similar documents
System Management Tool for OpenPOWER

LinuxCon Europe UEFI Mini-Summit 7 October 2015

GLOBAL PARTNER TRAINING

Research and Design of Universal and Open Software Development Platform for Digital Home

PowerVC 1.2 Q Power Systems Virtualization Center

Virtualization across the organization

Implementing SAAS: Cloud Computing and Android Based Application Framework for.net Programming

Security Security by Separation

About Us. Technology Solutions & Services Company. Turn Innovative Ideas into Real Products & Software, Efficiently

CLOUD API DOCUMENTATION v2.0. Get list of cloud servers in account

Open Network Install Environment

Open Network Install Environment (ONIE) LinuxCon North America 2015

Cloudy Middleware MARK LITTLE TOBIAS KUNZE

Data Center and Cloud Computing Market Landscape and Challenges

Reducing Outages and Degradations. With Proactive Application Performance Monitoring. Ted Wilson VP Business Development SL Corporation

FUTURE DEVELOPMENT OF DESKTOP LINUX

Accelerating From Cluster to Cloud: Overview of RDMA on Windows HPC. Wenhao Wu Program Manager Windows HPC team

Bright Cluster Manager

VoIP support on Qtopia. Vladimir Minenko, Ph.D.

Design for Success. Elevating Your Product s Capabilities through a Cloud-Connectivity System

Reducing Outages and Degradations. With Proactive Application Performance Monitoring. Ted Wilson VP Business Development SL Corporation

Toward Connected Vehicle with AGL

Java and the Internet of Things

Manjrasoft Market Oriented Cloud Computing Platform

Open Source for Cloud Infrastructure

OpenStack in the Enterprise: From Strategy to Real Life. Radhesh Balakrishnan General Manager OpenStack

Satish Mohan. Head Engineering. AMD Developer Conference, Bangalore

IBM high-density µserver demonstration platform leveraging PPC, Linux and hot-water cooling Ronald P. Luijten Data Motion architect

Lean and Easy Ways to Adopt MOST Technology

ANDROID DEVELOPER TOOLS TRAINING GTC Sébastien Dominé, NVIDIA

Enhancing Hypervisor and Cloud Solutions Using Embedded Linux Iisko Lappalainen MontaVista

Design for Success: Designing for the Internet of Things with TiWiConnect

Agenda. Capacity Planning practical view CPU Capacity Planning LPAR2RRD LPAR2RRD. Discussion. Premium features Future

SDN software switch Lagopus and NFV enabled software node

Huawei's Open Cloud Strategy

Cloud Computing with Red Hat Solutions. Sivaram Shunmugam Red Hat Asia Pacific Pte Ltd.

Build & Manage Clouds with Red Hat Cloud Infrastructure Products. TONI WILLBERG Solution Architect Red Hat toni@redhat.com

ARM s role in Open Source software

Open: Broader and Deeper

FPGA Accelerator Virtualization in an OpenPOWER cloud. Fei Chen, Yonghua Lin IBM China Research Lab

One-click Hadoop Cluster Deployment on OpenPOWER Systems Pradeep K Surisetty IBM. #OpenPOWERSummit

Practical Guide to Platform as a Service.

PATROL Console Server and RTserver Getting Started

Embedded Development Tools

Getting Started with Tizen SDK : How to develop a Web app. Hong Gyungpyo 洪 競 杓 Samsung Electronics Co., Ltd

Capacity planning for IBM Power Systems using LPAR2RRD.

Linux Distributions. What they are, how they work, which one to choose Avi Alkalay

KURA M2M/IoT Gateway. reducing the distance between embedded and enterprise technologies. Tiziano Modotti, October 28 th, 2014

DevOps Course Content

Hancom eco-system policy by Open Source Software. Cho Jin-Ho Chief Researcher Hancom Inc.

Better Integration of Systems Management Hardware with Linux

Holger Reinhardt IBM Deutschland Research & Development GmbH holger.reinhardt@de.ibm.com. Cloud Appliances IBM Corporation

MOBILE FOR MEDICAL DISPLAY CALIBRATION CHALLENGES

H MICRO CASE STUDY. Device API + IPC mechanism. Electrical and Functional characterization of HMicro s ECG patch

Business Analytics in the Cloud Rapid, Low-cost Deployment for the Enterprise

Citrix XenServer 5.6 OpenSource Xen 2.6 on RHEL 5 OpenSource Xen 3.2 on Debian 5.0(Lenny)

WIND RIVER SECURE ANDROID CAPABILITY

VMware and CPU Virtualization Technology. Jack Lo Sr. Director, R&D

IT Service Management aus der Cloud

Virtualization for Cloud Computing

Supply Chain Integrity Business Process Architecture. John D Andrea Director, Global Supply Chain Program Management

A Cloud Test Bed for China Railway Enterprise Data Center

Oracle Linux Strategy and Roadmap

Customer Experience. Silicon. Support & Professional Eng. Services. Freescale Provided SW & Solutions

Linux/Open Source and Cloud computing Wim Coekaerts Senior Vice President, Linux and Virtualization Engineering

<Insert Picture Here> Oracle Database Support for Server Virtualization Updated December 7, 2009

IBM Platform Computing : infrastructure management for HPC solutions on OpenPOWER Jing Li, Software Development Manager IBM

Avnet Guide to Oracle: Oracle Linux

EECatalog SPECIAL FEATURE

Building the Internet of Things Jim Green - CTO, Data & Analytics Business Group, Cisco Systems

Virtualization Technologies (ENCS 691K Chapter 3)

Operating Systems (Linux)

Open Network Linux A Network Operating System (NOS) for OCP

Fastboot Techniques for x86 Architectures. Marcus Bortel Field Application Engineer QNX Software Systems

IOTIVITY AND EMBEDDED LINUX SUPPORT. Kishen Maloor Intel Open Source Technology Center

Security Best Practice

Controlling Remote Access to IBM i

Manjrasoft Market Oriented Cloud Computing Platform

Microsoft Windows Apple Mac OS X

Toward a Unified Ontology of Cloud Computing

Integrity measurements for stronger cloud-based authentication

Basler dart AREA SCAN CAMERAS. Board level cameras with bare board, S- and CS-mount options

Memory Channel Storage ( M C S ) Demystified. Jerome McFarland

Example of Standard API

Virtual Hosting & Virtual Machines

VirtualclientTechnology 2011 July

HP OO 10.X - SiteScope Monitoring Templates

Solution for private cloud computing

How To Use Softxpand (A Thin Client) On A Pc Or Laptop Or Mac Or Macbook Or Ipad (For A Powerbook)

Software Solutions for Multi-Display Setups

INSTRUCTOR: Dwight Makaroff - Thorvaldson x8656. Available via appointment.

Beyond Virtualization: A Novel Software Architecture for Multi-Core SoCs. Jim Ready September 18, 2012

Open Source Project from China. Northeast Asia Open Source SoftwareCompetition Nov. 2012

Performance Architect Remote Storage (Intern)

COMPUTING. SharpStreamer Platform. 1U Video Transcode Acceleration Appliance

SNOW LICENSE MANAGER (7.X)... 3

Providing a jump start to EFI application development and a uniform pre-boot environment

The Massachusetts Open Cloud (MOC)

Cloud Services in China and Challenges for Global Expansion YinJian

Marco Righini Solution Architect Intel

Transcription:

Trusted computing applied in Open Power Linux Qiuyin Mao, R&D Director Zhiqiang Tian, Senior BIOS Engineer Beijing Neu Cloud Oriental System Technology Co. Ltd. (NCO China) #OpenPOWERSummit Join the conversation at #OpenPOWERSummit 1

Agenda NCO(China) introduction Background Demonstrated Features Our experience Benefit Join the conversation at #OpenPOWERSummit 2

Beijing Neu Cloud Oriental System Technology Co., Ltd Leading High Performance Server Manufacturer in China, Invested By IBM Teamsun s Holdings Subsidiary Neu Cloud is committed to the events focusing on the IBM POWER servers manufacturing, the localization and the well matched platform and ecological system. Owing to establish a comprehensive ecological system and manufacturing chain, Neu Cloud infuses substantial R&D into the domains of server, database, middleware, virtualization, cloud computing and big data. What s more, joint great efforts with leading enterprises by reaching agreements to chart a promising future. Join the conversation at #OpenPOWERSummit 3

Background The computer system security problem is more and more emphasized by the Chinese government and it has created its own security standards. Open POWER as a new open platform, it urgently needs to achieve China's trusted computing security standard and provides the prototype system that conforms to the specifications in order to satisfy the demands of the development of Open POWER ecosystem in China. Join the conversation at #OpenPOWERSummit 4

Demonstrated Features Trusted motherboard: As the RTM of the Trusted computing, provides the highest security solution. Join the conversation at #OpenPOWERSummit 5

Demonstrated Features TPCM card: -Embedded in mother board that has the highest security standard but it need design new platform board -As a PCIE device, implements TPCM and no HW change in system. It can work after PCIE device is ready during BIOS post stage. -As a USB device, it can only work after OS loads its driver. Join the conversation at #OpenPOWERSummit 6

Demonstrated Features Implemented trusted chain pass from RTM to application Join the conversation at #OpenPOWERSummit 7

Demonstrated Features Based on the white list and trusted database to implement Trusted Computing in OS kernel. Join the conversation at #OpenPOWERSummit 8

Demonstrated Features Support TPCM card in open power firmware level to support open power virtualization Join the conversation at #OpenPOWERSummit 9

Demonstrated Features Apply the open power trusted computer node to China security Cloud system Join the conversation at #OpenPOWERSummit 10

Our experience We choose Linux as the application OS and it is easy to port the whole trusted computing software stack to other UNIX like OS such as AIX. Join the conversation at #OpenPOWERSummit 11

Our experience KernelEnhance Patchset Version update Debian NCO Trusted Linux Join the conversation at #OpenPOWERSummit 12

Our experience * We developed Linux release version based on Debian and can support Loongson,ARM,X86/AMD and Power * We setup a strong automated building and testing infrastructure to speed up the development Linux Build Infrastructure Linux Automated Testing Infrastructure Intel/AMD X86 Debian NCO High-Assurance Linux Loongson3A/3B ARM64 OpenPOWER Power8 Join the conversation at #OpenPOWERSummit 13

Our experience Security Enhanced Power Linux Architecture Application(Web Service ) SW support level( SDK) Trusted SW level( Service API) User Space Secured Linux Kernel Trusted immune system (Trusted kernel) Kernel Space Join the conversation at #OpenPOWERSummit 14

Our experience is a kind of new computing operation and protection mode, it utilize active immunization through identification, state metric, confidential storage function so that it can timely recognize " own" or threat and block harmful substances into the body. Join the conversation at #OpenPOWERSummit 15

Our experience Identify Trusted Computing Architecture Control Set subject access rule Alert Get subject, object Audit system behavior System Manage Security Manage Audit Manage Trusted Immune Management Platform

Our experience Security Trend Service Security Hole Detect Service Immune Service SW certification service Audit Service Trusted Policy Service Trusted SW Service Join the conversation at #OpenPOWERSummit 17

Benefit The prototype implementation on the open power system that abides by the security standards of China provides strong support for the comprehensive power system promotion and in the meantime it provides a powerful guarantee for the development of power ecosystem in China high security level market. It enriches the China ISV and IHV s options range with this total solution from hardware to software. Join the conversation at #OpenPOWERSummit 18

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information