Tales from the Machine Room - Hypervisor Security in the World's Largest Cloud Infrastructure

Björn Döbel, Amazon

The cloud business model promises customers economic advantages for moving their workloads to be run by Infrastructure-as-a-Service providers, such as GCE, Azure, or AWS. By doing so, these customers put their valuable assets in the hands of a third party. It is therefore fair to say that establishing and maintaining the required customer trust is one of the major obstacles an IaaS provider has to overcome in order to be successful. Security is one of the most important facets of this problem.

In this talk I'm going to report on our experiences keeping the Amazon EC2 fleet safe from security vulnerabilities at the kernel, hypervisor, and hardware levels. I'm going to give insight into the tools and workflows we are using to respond to arising security issues and talk about some of the things we learned while keeping EC2 reboot-less for nearly four years now.