AMD SEV
E653461
AMD SEV (Secure Encrypted Virtualization) is a hardware-based security technology from AMD that encrypts virtual machine memory to protect it from access by other VMs, the hypervisor, or physical attackers.
All labels observed (1)
| Label | Occurrences |
|---|---|
| AMD SEV canonical | 2 |
Statements (48)
| Predicate | Object |
|---|---|
| instanceOf | hardware-based security technology; memory encryption technology |
| abbreviationOf | AMD Secure Encrypted Virtualization |
| announcedAt | AMD Developer Summit 2016 |
| compatibleWith | KVM; Linux kernel virtualization; QEMU |
| designedTo | enable secure multi-tenant environments; reduce trust in hypervisor |
| developer | Advanced Micro Devices |
| documentation | AMD64 Architecture Programmer’s Manual Volume 2 |
| encryptionAlgorithm | AES |
| encryptionType | full VM memory encryption |
| hasFeature | encryption keys not visible to hypervisor; hardware-enforced isolation between VMs; inline memory encryption and decryption; transparent memory encryption for VMs |
| hasVersion | AMD SEV-ES; AMD SEV-SNP |
| implementedBy | AMD Secure Processor |
| introducedBy | AMD Zen microarchitecture |
| introducedIn | 2016 |
| keyManagement | per-VM encryption keys |
| keyStorage | on-chip secure processor |
| manufacturer | Advanced Micro Devices |
| partOf | AMD Infinity Guard |
| protects | virtual machine memory |
| protectsFrom | cold boot attacks; hypervisor access; memory bus snooping; other virtual machines; physical attackers |
| relatedTo | AMD SME; Intel SGX; Intel TDX |
| requires | firmware support; hypervisor support |
| runsOn | AMD EPYC processors; AMD x86-64 processors |
| securityGoal | confidentiality of VM memory; mitigation of privileged software attacks |
| standardizedIn | AMD APM extensions for SEV |
| supports | confidential computing |
| targetDomain | cloud computing; virtualization |
| targetUser | cloud service providers; enterprise virtualization users |
| uses | on-die memory encryption engine |
Referenced by (2)
Full triples — surface form annotated when it differs from this entity's canonical label.