Tag Archives: lpc2011

Linux Security Summit 2011 – Presentation Slides

Just over a week ago, the 2011 Linux Security Summit was held in Santa Rosa CA, co-located with Linux Plumbers. It ran for a day, starting with refereed presentations, and then round-table discussions.

The home page for the summit is on the kernel.org wiki, and is currently unavailable, so I’m posting links to the slides here:

* Smack is Alive and Well
Casey Schaufler, Intel

* An Overview of the Linux Integrity Subsystem: Use Cases and Demonstration
David Safford and Mimi Zohar, IBM

* Digital Signature support for IMA/EVM
Dmitry Kasatkin and Ryan Ware, Intel  (presented by Casey)

* Protecting the Filesystem Integrity of a Fedora 15 Virtual Machine from Offline Attacks using IMA/EVM
Peter Kruus, The Johns Hopkins University Applied Physics Laboratory

* Efficient, TPM-free system integrity checking with device mapper: dm-verity
Will Drewry and Mandeep Baines, Google

* The Case for SE Android
Stephen Smalley, NSA

Roundtable discussions:

* Kernel Hardening [no slides]
Lead by Kees Cook, Canonical and Will Drewry, Google

* LSM Architecture
Lead by Kees Cook, Canonical and Casey Schaufler

The SE Android talk was a last minute replacement for Ryan Ware’s talk on MeeGo (Ryan was unfortunately not able to make it).

See the write-ups by by Paul Moore and LWN.

Feedback so far has been positive.  I think it’s valuable for the security developers to get together like this, after spending the rest of the year working remotely with each other.  Next year, we’ll likely be looking at co-locating with LPC/KS/LinuxCon in San Diego.  It may be worth thinking about expanding to a two-day event, with the first day following the same format, but then splitting into project groups on day two for BoFs/hack sessions.

Contact the program committee if you have any suggestions.

I’d like to thank the LPC folk, and especially Jesse Barnes, for allowing us to co-locate and taking care of all of the logistics — all we had to do was organize the talks and turn up.  Also thanks to the speakers, discussion leaders and attendees.  See you next year!

Linux Security Summit 2011 – Schedule Published

For those that didn’t catch the email announcement, the schedule for the 2011 Linux Security Summit is now published.

The format of the conference is refereed talk sessions, followed by in-depth roundtable discussions.

Here’s a summary of the programme:

Refereed talks:

  • “Smack is Alive and Well”
    Casey Schaufler
  • “MeeGo Security Update”
    Ryan Ware, Intel
  • “An Overview of the Linux Integrity Subsystem: Use Cases and Demonstration”
    David Safford and Mimi Zohar, IBM
  • “Digital Signature support for IMA/EVM”
    Dmitry Kasatkin and Ryan Ware, Intel
  • “Protecting the Filesystem Integrity of a Fedora 15 Virtual Machine from Offline Attacks using IMA/EVM”
    Peter Kruus, The Johns Hopkins University Applied Physics Laboratory
  • “Efficient, TPM-free system integrity checking with device mapper: dm-verity”
    Will Drewry and Mandeep Baines, Google

Roundtable discussions:

  • Kernel Hardening
    Lead by Kees Cook, Canonical and Will Drewry, Google
  • LSM Architecture
    Lead by Kees Cook, Canonical and Casey Schaufler

See the full schedule for more detail.

Attendance is open to all registered attendees of the Linux Plumbers Conference.  Early-bird registration is available for LPC until the end of today (US time).

Linux Security Summit 2011 – CFP reminder: 2 weeks!

Calling all Linux security folk!
 

the CFP closes in two weeks...

 

Just a reminder that the CFP for the 2011 Linux Security Summit closes on the 27th of May — two weeks away. Please get your submissions in soon.

Note again that we are co-located with the Linux Plumbers Conference in Santa Rosa, and that all Security Summit attendees, including speakers, will need to register for Plumbers. Earlybird registration is available until 31st May.

Trivia question: which Alfred Hitchcock film was shot on location in Santa Rosa in 1943?

(Hint: click on the image)