Isolation Dimension 1
One of the initial design objectives of the QingTian system is to support secure isolation between customer workloads and the CSP cloud infrastructure, including QingTian bare metal instances and QingTian VM instances.
- For QingTian bare metal instances, QingTian Cards are completely isolated from the host system. Because the host system does not run QingTian Hypervisor, customers have exclusive access to the underlying mainboard system and can use the related CPU hardware features (such as Arm TrustZone) directly.
- For QingTian VM instances, QingTian Hypervisor provides strong isolation similar to that of bare metal instances through lightweight design, minimum attack surface, anti-tamper design, and hot upgrade.

The QingTian system uses the following methods for isolation in this dimension to enhance security of QingTian VM instances:
- Strong isolation: The QingTian system uses a frontend and backend separated VMM architecture, where the frontend and backend are physically isolated based on the PCIe bus. The frontend hypervisor isolates memory and I/O access between VMs based on hardware-assisted virtualization and in-house VRAM memory management. QingTian Cards support VM passthrough access to hardware devices through SR-IOV. In addition, CPU pinning enables the binding of VMs to dedicated CPUs, eliminating the need for QingTian Hypervisor to schedule CPUs. This avoids overhead of context switching and mitigates side-channel attacks.
- Escape prevention: Based on the minimum TCB design principle, QingTian Hypervisor code has been streamlined to retain only the basic code required for virtualization. There are no network protocol stacks, local disks, configuration files, or SSH management tools. QingTian Hypervisor has less than 1% of the code volume of traditional virtualization management systems, significantly lowering the VM escape risk.
- Anti-tampering: The QingTian system uses mandatory secure boot and trusted measurement. QingTian Controller performs secure boot first to ensure that its own boot environment matches the expected state. It then verifies the integrity of the QingTian Hypervisor image file and, only after that check passes, boots the host system to start QingTian Hypervisor.
- Key protection: QingTian Cards have an independent hardware security module. It uses hardware-protected identity authentication to establish trusted access with the ECS control plane, which prevents node identity spoofing caused by software credential leaks. QingTian Controller uses the hardware security module to protect the key materials required for volume encryption and VPC encryption: data keys are derived inside the hardware environment and never leave the hardware.
- Zero-privilege access: QingTian Hypervisor does not provide any remote login methods. Cloud service O&M personnel can only use O&M APIs for remote diagnosis. No internal personnel can obtain system privileges to access the memory data of customer instances.
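The anti-tampering item above describes an ordered boot chain: the controller establishes its own environment, measures the hypervisor image, and only then allows the host to boot. The following is an added illustrative model of that ordering, written for this page and not QingTian code. The images, the approved-measurement allowlist, the PCR-style measurement register and all names in it are constructed assumptions; a real controller would hold the approved values in tamper-resistant storage and would typically verify a vendor signature rather than a bare digest.

```python
"""Illustrative boot-chain model (added example, not QingTian code):
controller environment first, then hypervisor image measurement against an
approved value, then host boot. All images and digests are constructed."""
import hashlib
import hmac
from dataclasses import dataclass, field

# Constructed sample images standing in for real hypervisor image files.
GOOD_HYPERVISOR_IMAGE = b"qt-hypervisor-v1\x00" + bytes(range(64))
TAMPERED_IMAGE = GOOD_HYPERVISOR_IMAGE[:-1] + b"\xff"   # one byte flipped

# Assumption: the controller holds an allowlist of SHA-256 digests of
# released hypervisor builds in tamper-resistant storage.
APPROVED_MEASUREMENTS = {
    "qt-hypervisor-v1": hashlib.sha256(GOOD_HYPERVISOR_IMAGE).hexdigest(),
}


@dataclass
class MeasurementLog:
    """PCR-style register: each measurement is folded into a running hash, so
    the final value commits to every measured component and their order."""
    register: bytes = field(default_factory=lambda: bytes(32))
    events: list = field(default_factory=list)

    def extend(self, label: str, digest: bytes) -> None:
        self.register = hashlib.sha256(self.register + digest).digest()
        self.events.append((label, digest.hex()))


class BootRefused(Exception):
    """Raised when the controller declines to start the host."""


def measure(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def controller_boot(image: bytes, image_name: str, log: MeasurementLog) -> str:
    """Enforce the order from the text: controller, then hypervisor, then host."""
    # Step 1: the controller measures its own boot environment (stand-in bytes).
    controller_fw = b"qt-controller-firmware"
    log.extend("controller", measure(controller_fw))

    # Step 2: verify hypervisor image integrity against the approved value.
    # compare_digest avoids leaking where the comparison diverged.
    digest = measure(image)
    expected = APPROVED_MEASUREMENTS.get(image_name)
    if expected is None or not hmac.compare_digest(digest.hex(), expected):
        log.extend("hypervisor-rejected", digest)
        raise BootRefused(f"{image_name}: measurement mismatch")
    log.extend("hypervisor", digest)

    # Step 3: only a verified image reaches the host boot stage.
    return "hypervisor-started"


def demo(image: bytes) -> tuple:
    """Run the chain for one image; return (outcome, ordered event labels)."""
    log = MeasurementLog()
    try:
        state = controller_boot(image, "qt-hypervisor-v1", log)
    except BootRefused as exc:
        state = f"refused: {exc}"
    return state, [label for label, _ in log.events]


def final_register(image: bytes) -> str:
    """Final register value; differs between a good and a tampered image."""
    log = MeasurementLog()
    try:
        controller_boot(image, "qt-hypervisor-v1", log)
    except BootRefused:
        pass
    return log.register.hex()


if __name__ == "__main__":
    print(demo(GOOD_HYPERVISOR_IMAGE))
    print(demo(TAMPERED_IMAGE))
```

Because the rejected measurement is still extended into the register, a remote party that later reads the register can tell that the boot was refused rather than simply seeing an absent hypervisor entry.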
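The key-protection item above makes two claims: node identity is proven with hardware-held material rather than a software credential, and data keys are derived and used inside the module without ever being exported. The following is an added illustrative model of that boundary, written for this page and not QingTian code. The module is a software stand-in, all key material is constructed, the challenge-response uses a symmetric identity key where a real deployment would use a certificate, and HMAC-SHA256 in counter mode stands in for a real AEAD cipher; the HKDF helper follows RFC 5869.

```python
"""Illustrative hardware key boundary (added example, not QingTian code):
identity challenge-response plus non-exportable, module-derived data keys.
All keys are constructed; the cipher is an HMAC-based stand-in for an AEAD."""
import hashlib
import hmac
import os
import secrets


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """RFC 5869 HKDF (extract-then-expand) using only hashlib/hmac."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


class HardwareSecurityModule:
    """Stand-in for the card's HSM. No method returns raw key bytes; callers
    only ever receive opaque handles and use them through encrypt/decrypt."""

    def __init__(self, root_key: bytes):
        self._root_key = root_key                      # never leaves the module
        self._identity_key = hkdf_sha256(root_key, b"qt-node-identity", b"attest")
        self._data_keys: dict[str, bytes] = {}         # handle -> key, internal only

    def prove_identity(self, challenge: bytes) -> bytes:
        """A leaked software credential cannot produce this response because
        the identity key exists only inside the module."""
        return hmac.new(self._identity_key, challenge, hashlib.sha256).digest()

    def derive_data_key(self, purpose: str, volume_id: str) -> str:
        """Derive a per-volume key inside the module; return only a handle."""
        key = hkdf_sha256(self._root_key, purpose.encode(), volume_id.encode())
        handle = f"{purpose}/{volume_id}"
        self._data_keys[handle] = key
        return handle

    def _keystream(self, key: bytes, nonce: bytes, length: int) -> bytes:
        out, counter = b"", 0
        while len(out) < length:
            out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
            counter += 1
        return out[:length]

    def encrypt(self, handle: str, plaintext: bytes) -> bytes:
        key = self._data_keys[handle]
        nonce = os.urandom(16)
        ct = bytes(p ^ k for p, k in zip(plaintext, self._keystream(key, nonce, len(plaintext))))
        tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()   # encrypt-then-MAC
        return nonce + ct + tag

    def decrypt(self, handle: str, blob: bytes) -> bytes:
        key = self._data_keys[handle]
        nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
        if not hmac.compare_digest(hmac.new(key, nonce + ct, hashlib.sha256).digest(), tag):
            raise ValueError("ciphertext authentication failed")
        return bytes(c ^ k for c, k in zip(ct, self._keystream(key, nonce, len(ct))))


class ControlPlane:
    """Holds the verification material enrolled for one node (symmetric here
    as a stand-in for the certificate a real control plane would pin)."""

    def __init__(self, enrolled_identity_key: bytes):
        self._enrolled = enrolled_identity_key

    def verify_node(self, hsm: HardwareSecurityModule) -> bool:
        challenge = secrets.token_bytes(32)      # fresh per attempt: no replay
        expected = hmac.new(self._enrolled, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(hsm.prove_identity(challenge), expected)


def detects_tampering(hsm: HardwareSecurityModule, handle: str, blob: bytes) -> bool:
    """Flip one ciphertext byte and confirm the module refuses to decrypt it."""
    bad = blob[:16] + bytes([blob[16] ^ 0x01]) + blob[17:]
    try:
        hsm.decrypt(handle, bad)
    except ValueError:
        return True
    return False


def demo() -> dict:
    root = bytes.fromhex("11" * 32)   # constructed; a real device generates this internally
    hsm = HardwareSecurityModule(root)
    control_plane = ControlPlane(hkdf_sha256(root, b"qt-node-identity", b"attest"))
    handle = hsm.derive_data_key("volume-encryption", "vol-0001")
    blob = hsm.encrypt(handle, b"customer block data")
    return {
        "node_authenticated": control_plane.verify_node(hsm),
        "handle": handle,
        "roundtrip": hsm.decrypt(handle, blob),
        "tamper_detected": detects_tampering(hsm, handle, blob),
        "export_method_exists": hasattr(hsm, "export_key"),
    }


if __name__ == "__main__":
    print(demo())
```

The design point to notice is that the only things crossing the module boundary are a challenge, a response, a handle and ciphertext; the root key, the identity key and every derived data key stay in private state, which is what makes a stolen software credential insufficient on its own.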