9–11 Sept 2019
Europe/Lisbon timezone

What does remote attestation buy you?

9 Sept 2019, 15:00
45m
Floriana/room-II (Corinthia Hotel Lisbon)

Floriana/room-II

Corinthia Hotel Lisbon

200

Speaker

Matthew Garrett (Google)

Description

TPM remote attestation (a mechanism allowing remote sites to ask a computer to prove what software it booted) was an object of fear in the open source community in the 2000s, a potential existential threat to Linux's ability to interact with the free internet. These concerns have largely not been realised, and now there's increasing interest in ways we can use remote attestation to improve security while avoiding privacy concerns or attacks on user freedom.

More modern uses of remote attestation include simplifying deployment of machines to remote locations, easy recovery of systems with nothing more than a network connection, automatic issuance of machine identity tokens, trust-based access control to sensitive resources and more. We've released a full implementation, so this presentation will discuss how it can be tied in to various layers of the Linux stack in ways that give us new functionality without sacrificing security or freedom.

I agree to abide by the anti-harassment policy Yes

Primary author

Presentation materials

Diamond Sponsor

Platinum Sponsors



Gold Sponsors


Silver Sponsors

Evening Event Sponsor

Lunch Sponsor

Catchbox Sponsor

T-Shirt Sponsor

Official Carrier

Location Sponsor