Tag Archives: linuxfoundation

Linux Security Summit 2013 – Schedule Published!

The schedule for this year’s Linux Security Summit in New Orleans is now published!

The keynote will be presented by Ted Ts’o.

Refereed talks include:

  • Embedded Linux Security (David Safford, IBM)
  • Extending AppArmor Mediation into the Userspace (John Johansen, Canonical)
  • Multiple Concurrent Security Models? Really? (Casey Schaufler, Intel)
  • Linux Kernel ASLR (Kees Cook, Google)
  • The AppArmor Labeling Model (John Johansen, Canonical)

It looks like there’s been quite a lot happening in AppArmor.  There’ll also be general project updates for SELinux, Smack, AppArmor and the Integrity subsystem, as well as a discussion on kernel coding anti-patterns led by Kees Cook.

There’ll be break-out sessions on the second day, details of which will be posted on the schedule as they’re known.  If you’ll be at LSS (or LinuxCon/Plumbers generally) and would like to schedule a break-out session, contact the program committee per the details at the wiki page.

See everyone on the 19th and 20th of September in New Orleans!

Linux Security Summit 2013 (New Orleans) – Call for Participation

The CFP for the 2013 Linux Security Summit has been announced.

The summit will be held across the 19th and 20th of September in New Orleans, co-located again with LinuxCon and Linux Plumbers. Note that presenters and attendees at LSS must be registered as LinuxCon attendees.

We’ll be following a similar format to last year, with a day of refereed presentations, followed by subsystem updates and break-out sessions on the second day. We’ll probably finish up around lunchtime on the Friday for people needing to head home that day, but check the final schedule for details once it’s published.

The CFP is open until 14th June, with speaker notifications to be posted by 21st June.

If you’ve been doing cool and interesting work in Linux security, be sure to submit a proposal!

Linux Security Summit 2012 – Schedule Published

The schedule for LSS 2012 is now published. See also the email announcement.

As previously mentioned, LSS this year will be a two-day event, co-located with LinuxCon.

On Day 1, we’re privileged to have a keynote by Matthew Garrett. He’s one of the best speakers in the community, and I believe he’ll be discussing secure boot.

Following the keynote, we have eight refereed presentations on new and interesting Linux security development topics.

On Day 2, we’ll have kernel security subsystem updates from maintainers, followed by an afternoon of breakout sessions. The breakout sessions are for deeper dives into specific areas, and may include development discussions and hack sessions. An BoF is planned to discuss an LF Security Workgroup, and attendees may propose more sessions in the leadup to the conference by emailing the program committee.

Thanks to all of the committee members for reviewing the proposals and helping to organize the summit — it’s shaping up as an interesting and productive event!

Kernel Security Talk at LinuxCon Japan

Just to let folk know — I’ll be giving a talk on the state of Linux kernel security development at LinuxCon Japan in Yokohama on June 8th. From the abstract:

In this talk, we’ll examine the current state of the Linux kernel security subsystem. Starting with a brief overview of existing features, we’ll discuss recent developments, current efforts and future directions. We’ll also discuss the evolving threat landscape, and the increasing need for mobile and cloud security. This will be a high-level technical discussion aimed at IT professionals. A good general knowledge of operating system and computer security concepts will be advantageous.

I’ll also likely be in Tokyo briefly — if any kernel security development folk there want to meet up, let me know.

2012 Linux Security Summit (San Diego) – Call for Particpation

The 2012 Linux Security Summit (LSS) has been announced. The CFP is open from now until the 23rd of May.

This year, the summit will be a two-day event, co-located with LinuxCon, Linux Plumbers, and the Kernel Summit. We’re planning on holding developer break-out sessions for much of the second day, and extending the length of the main talks to the more traditional 45 minute + 15 minute break format. There will still be shorter 30 minute talks, and roundtable discussions.

Check out the programs from previous years to see what kind of proposals have been previously accepted:

Send your proposals to the program committee per the announcement.

Linux Security Summit 2010 (Boston) – Schedule Published

For those who missed the mailing list announcements and tweets, the schedule for the upcoming Linux Security Summit has now been published: click here for the timetable and links to talk abstracts.

The summit is to be held on Monday, 9th of August in conjunction with LinuxCon.   Remember that you need to be registered for LinuxCon to attend the Security Summit (see my last post for details on a registration discount code).  You do not need to pay anything further for the Security Summit.

We had a very strong field of proposals for the summit, and the voting process was reasonably tough.  Proposals required a minimum average score of 4/5 from the program committee to be accepted as a main talk.  We had to reject several good proposals which did not make this grade, and they now have priority as lighting talks.  (Lightning talks will otherwise to be allocated on a first-come first-served basis on the day).

Here’s a summary of the accepted main talks:

  • Recent Advances in the SELinux Sandbox – Dan Walsh, Red Hat
  • in ur webserver, writin ur logs – Joshua Brindle, Tresys
  • Integrating Security into Vyatta – Stephen Hemminger, Vyatta
  • MSF Security Framework Overview – Elena Reshetova, Nokia
  • Access Control in the MSF Security Framework – Janne Karhunen, Nokia
  • Linux Security in 10 Years – Brad Spengler, grsecurity
  • Using EVM to protect security extended attributes – Mimi Zohar, IBM
  • Secstate: Integrating SCAP and Puppet for System Lockdown – Karl MacMillan, Tresys
  • Widely Used But Out-Of-Tree, Kees Cook – Canonical
  • Linux Security Usability, Z. Cliffe Schreuders – Murdoch University
  • System Security Services Daemon (SSSD) – Stephen Gallagher, Red Hat

These talk sessions are intended to be as collaborative and interactive as possible.  They’re thirty minutes each, with at least ten minutes of discussion included. The pace will be fairly brisk, and hopefully leave people wanting more and generating subsequent discussions.  Many people will be there for the week, and it’s been my experience over the years that much of the best discussion ends up happening after the talks in the various hallway and dinner tracks.

We’ll also have a panel session and, as mentioned, lightning talks.  See the schedule page for more details, and for any updates.

I hoped we’d see more proposals from folk on the operational side of things — we probably need to reach out in that direction better next time.  A significant aim of the summit is to foster collaboration between the development community and those running real systems, so if you’re in the latter group, definitely consider attending.  This will be a great opportunity to catch up on current developments in Linux security, and to provide your input and feedback.

Also, please join the event mailing list if you’re planning on attending in any capacity, so we can get any updates out to you, as well as better estimate attendance.  There’s also a Facebook page (which I don’t seem to be able to make public, ironically).

See you there!

Linux Security Summit 2010 – CFP closing this week

Just a reminder that the CFP for the Linux Security Summit ends this Friday, 4th of June.

If you have something interesting to discuss, send your proposal to the program committee via plain text email per the CFP announcement.

We have some very interesting proposals so far — if you have any interest in Linux security, you should probably try and be there.

Note that you need to be registered for LinuxCon to attend. As a speaker at the main conference, I’ve been given a discount code to hand out to people “in my network”. If you’re reading this, you’re in :-) Using the code, you can save 20%, which is currently $80 USD.

That’s enough to buy a Red Sox ticket and a hot dog.

Boston v. NY, 1912
Boston vs. NY, 1912 World Series (LOC).

Email me directly for the code at jmorris@namei.org.

Linux Security Summit 2010 (Boston) – CFP Open

The Call for Participation (CFP) for the 2010 Linux Security Summit has been announced and is open until the 4th of June.

The aim of the Linux Security Summit is to bring developers, researchers and end users together to analyze and solve Linux security challenges.

This is not just for “security people” — it’s intended to be a forum for collaboration between the wider community (sysadmins, operations, architects, developers etc.) and Linux security developers.

Aerial view of Boston

Boston

The format of the event is expected to be a mix of brief technical talks, panel discussions, and lightning talks. It will be held on Monday 9th August, 2010 in Boston, co-located with LinuxCon.

The program committee is currently seeking proposals for talks and panel discussion topics: see the CFP for details.

In particular, we’d like to encourage folks with significant real-world deployments to attend and discuss what they’re doing and what they need in terms of security from the OS.

From a security developer point of view, much effort over the last decade has gone into adding security features to Linux and integrating them into distributions. End users have now been through a few product release cycles with these features, so it seems like a good opportunity now to get together and discuss what’s working, what’s not, and how we can work together to continue improving Linux security.

Attendance is open to all registered LinuxCon delegates.

2009 SELinux Developer Summit schedule published

We’ve just published the schedule for this year’s SELinux Developer Summit.

From the announcement:

This year's event will be divided into two main sessions.

The first will be for traditional conference presentations which
were accepted via the CfP:

  * Labeled NFS Community Involvement - Dave Quigley (NSA)
  * Update on Flask/TE Support for X - Eamon Walsh (NSA)
  * Work on a Higher-Level Policy Language - James Carter (NSA)
  * Video Streaming in Policy Confined Environments - Philip Tricca (USAF)
  * A New Policy Infrastructure for SELinux Joshua Brindle (Tresys)
  * Policy Distribution Joshua Brindle (Tresys)
  * Refpolicy and Userspace Joshua Brindle (Tresys)
  * Analysis of Flask Policies in VM Systems Trent Jaeger (PSU) 

Aside from Josh's talks (which are combined into one 60-minute slot),
these are 30-minute slots.  For speakers, the recommended format is
20-minutes of presenting and 10-minutes of Q&A.

The second main session, after lunch, is intended to be fully
collaborative in that everyone in attendance may (and should) participate.
This is divided into three sections:

  * Lightning talks, 5 minutes each.  Any attendee may propose a lightning
    talk via the wiki or on the day.

  * Development sessions.  This is a flexible format where developers can
    work in small self-organized groups on specific tasks, taking
    advantage of the fact that we're all in the same place for the day.
    We'll discuss this further on the event mailing list -- it's important
    to identify tasks, teams and goals beforehand, and also to make sure
    everyone is set up to get straight to work on the day.

  * General project discussion.  We'll spend about an hour discussing
    project and development issues.  Candidate agenda items should
    first be posted to the event mailing list, and the agenda will be
    finalized immediately prior to the event.

For attendees who are yet to do so, ensure you are registered for
LinuxCon, which is co-hosting the event for us:

http://events.linuxfoundation.org/events/linuxcon

LinuxCon registration is a requirement for attending the SELinux Developer
Summit.  The current discounted registration rate ends on August 15th.

The development sessions idea comes from last year’s development-oriented FOSS.IN, which I wrote about here.

If you’re still considering whether to attend the SELinux Developer Summit, keep in mind that in addition to being part of LinuxCon, there’s also Linux Plumbers directly following that at the same venue, which includes a general Linux security microconf.  Travel budgets are tight for everyone this year, so hopefully the co-location of these events will help make a business case for people who are still working on travel approval.

For those who can’t make it, we’ll try and ensure that all available materials and minutes from the event are published in a timely manner.   I’d encourage those who are able to attend to blog/dent/tweet anything related to the event that they feel might be useful to others.