OpenStack Summit May 2014 Atlanta

Cloud computing provides obvious economic and manageability benefits. Unused resources in production environments can be used to deploy development instances. Public clouds mean we can avoid buying rooms full of mostly idle hardware just to cater for worst case scenarios. And, thanks to hypervisors imposing isolation between instances, this should all come at no cost to security.
But is that true? What happens if someone does break out of a guest? What damage can they do? How can we detect it? What's the absolutely worst case scenario? With increasing levels of concern over low-level system vulnerabilities, how can we reassure users that their cloud environments are secure?
This presentation will cover the various techniques and technologies required to build a truly trustworthy cloud, ranging from boot attestation to runtime introspection. It will also discuss techniques that attackers can potentially use to gain persistent access to systems, perhaps even over reinstallation.