12–14 Sept 2022
Europe/Dublin timezone

Session

System Boot and Security MC

12 Sept 2022, 10:00
"Ulster & Munster" (Clayton Hotel on Burlington Road)

Presentation materials

There are no materials yet.

  1. Daniel Kiper, Michał Żygowski (3mdeb Embedded Systems Consulting)
    12/09/2022, 10:00
  2. Ken Lu (Intel), Jiewen Yao
    12/09/2022, 10:05

    Confidential computing (CC) provides a solution for data protection with a hardware-based Trusted Execution Environment (TEE) such as Intel TDX, AMD SEV, or Arm RME. Today, Open Virtual Machine Firmware (OVMF) and shim+grub provide the necessary initialization for a confidential virtual machine (VM) guest. More importantly, they act as the chain of trust for measurement to support TEE attestation. In...
  3. Vincent Dagonneau
    12/09/2022, 10:40

    Based on a current systemd PR (https://github.com/systemd/systemd/pull/20255) that I submitted, I would like to talk about auto enrollment of Secure Boot.

    I would be especially glad to have feedback on any unanticipated issues. Although it is a systemd PR, I think it fits the System Boot and Security microconference, as it deals with Secure Boot.

    One major issue already identified is...
  4. Sumit Garg
    12/09/2022, 11:15

    A Trusted Execution Environment (TEE) is an isolated execution environment running alongside an operating system. It provides the capability to isolate security-critical or trusted code and corresponding resources like memory, devices, etc. This isolation is backed by hardware security features such as Arm TrustZone, AMD Secure Processor, etc.

    This session will focus on the evolution of the...
  5. Mr Dimitar Tomov (TPM.dev), Mr Svetlozar Kalchev (EnactTrust)
    12/09/2022, 12:20

    There are billions of networked IoT devices and most of them are vulnerable to remote attacks. We are developing a remote attestation solution for Arm-based IoT devices, called EnactTrust. The project started with a PoC for a car manufacturer in 2021.

    Today, we have an open-source agent at GitHub[1] that performs attestation. The EnactTrust agent leverages a discrete TPM 2.0 module and has...
  6. Daniel Smith (Apertus Solutions, LLC)
    12/09/2022, 12:55

    Presented here will be an update on TrenchBoot development, with a focus on the Linux Secure Launch upstream activities and the building of the new late launch capability, Secure ReLaunch. The coverage of the upstream activities will focus on the redesign of the Secure Launch start-up sequence to accommodate efi-stub's requirement to control Linux setup on EFI platforms. This will include a...
  7. Morten Linderud (Independent)

    Secure Boot is intended to be a way for OEMs to ensure that only trusted software is capable of booting on their machines. For Linux distributions this is mostly done by utilizing a pre-bootloader, shim, which is signed by a UEFI Certificate Authority and is unique to each individual Linux distribution.

    One of the promises of Secure Boot was the intention of having users be able to regain control of...