Subash SN & Mohd Akram Ansari


Talk Title :

Bheem OS - A next-generation reasonably secure OS using Rust MicroVMs


Abstract :

Bheem OS is a next-generation reasonably secure operating system. It takes the security by isolation principle from Qubes OS further by virtualizing every application and most OS functions into rust MicroVMs. In doing this, it is surprisingly able to provide more usability and performance thanks to kvm, virtio and crosvm and improved architecture.

In this talk, we will:

  • Delve into subsystems of a modern operating system from the display, networking, filesystem, input, USB, PCI devices, etc., and how they are isolated and exposed in a secure way to applications and user environments.
  • Cover aspects of managing operating systems that we are now able to do more effectively such as network and process package management, updates, logging & monitoring, access controls, backup and restore, permissions, credentials, etc.
  • Explore a new concept of secure, isolated user workspaces/profiles that will eliminate the need for multiple computers for work and personal usage.
How is it more usable than Qubes OS?
  • Strong focus on UI/UX. It will look great!
  • The graphics performance is better inside the App VMs with virtio-gpu allowing even 4k playback
  • No need for app/workspace management for isolation, every app is isolated by default even in the same workspace. Easier to make the switch.
  • You can use KDE, Gnome, i3, or any desktop environment you choose per workspace/profile. Easily switchable profiles make context switching and isolation natural and seamless.
  • Run Android, Linux, Windows, and Mac Apps in one OS.
  • You can even have a Gaming workspace with GPU passed through for gaming.

Overall this talk will introduce the user to a new realm in the Operating system that one can download and use right now, at least a beta version of it.

Bio :

Subash is a privacy and security enthusiast Security Engineer at Appsecco. As an avid security enthusiast and a passionate developer, he enjoys developing meaningful solutions to real-world security problems. He is currently working on solving security problems at a cloud-scale and exploring solutions to improve intelligent automation using AI. During his free time, he loves to explore and research new and upcoming technologies. Introduced to the world of security by null Open Security Community, he is on track to actively contribute back by presenting at various meetups and conferences and has given talks at null Bangalore and the Serverless Summit. He has also contributed to open-source security tools such as OWASP Threat Dragon and DVNA.

Want to connect?

Akram is a research student at the University of Calgary and is an avid open source contributor. With his experience in enterprise software, systems, web, and hardware development, he has more than equipped himself to solve the next big thing.

Want to connect?