Difference between revisions of "Linux Security Summit 2014"
JamesMorris (talk | contribs) |
JamesMorris (talk | contribs) |
||
(21 intermediate revisions by 2 users not shown) | |||
Line 17: | Line 17: | ||
All attendees and presenters must be registered to attend LinuxCon. | All attendees and presenters must be registered to attend LinuxCon. | ||
'''The venue location is the 2nd Floor, "Superior" room A/B''' | |||
= Schedule = | = Schedule = | ||
Line 28: | Line 31: | ||
|- | |- | ||
|09:00 | |09:00 | ||
| <span style="color:navy">'''Keynote Talk'''</span> | | <span style="color:navy">'''Keynote Talk: Security and Boundaries'''</span> '''([http://www.hansenpartnership.com/SecuritySummit2014/ slides]) ([http://lwn.net/Articles/609003/ LWN coverage])''' | ||
| [http://www.linux.com/news/special-feature/linux-developers/678568-30-linux-kernel-developers-in-30-weeks-james-bottomley James Bottomley], Parallels | | [http://www.linux.com/news/special-feature/linux-developers/678568-30-linux-kernel-developers-in-30-weeks-james-bottomley James Bottomley], Parallels | ||
|- | |- | ||
Line 35: | Line 38: | ||
|- | |- | ||
|10:00 | |10:00 | ||
| [[Linux_Security_Summit_2014/Abstracts/Cook_1|Verified Component Firmware]] | | [[Linux_Security_Summit_2014/Abstracts/Cook_1|Verified Component Firmware]] ''([http://kernsec.org/files/lss2014/cook_firmware.pdf slides])'' | ||
| Kees Cook, Google | | Kees Cook, Google | ||
|- | |- | ||
|10:45 | |10:45 | ||
| [[Linux_Security_Summit_2014/Abstracts/Smalley|Protecting the Android TCB with SELinux]] | | [[Linux_Security_Summit_2014/Abstracts/Smalley|Protecting the Android TCB with SELinux]] ''([http://kernsec.org/files/lss2014/lss2014_androidtcb_smalley.pdf slides]) ([http://lwn.net/Articles/609511/ LWN coverage])'' | ||
| Stephen Smalley, NSA | | Stephen Smalley, NSA | ||
|- | |- | ||
Line 46: | Line 49: | ||
|- | |- | ||
|11:45 | |11:45 | ||
| [[Linux_Security_Summit_2014/Abstracts/Schaufler|Tizen, Security and the Internet of Things]] | | [[Linux_Security_Summit_2014/Abstracts/Schaufler|Tizen, Security and the Internet of Things]] ''([http://kernsec.org/files/lss2014/schaufler_201408-LinuxSecuritySummit-Tizen.pdf slides])'' | ||
| Casey Schaufler, Intel | | Casey Schaufler, Intel | ||
|- | |- | ||
Line 53: | Line 56: | ||
|- | |- | ||
|14:00 | |14:00 | ||
| [[Linux_Security_Summit_2014/Abstracts/Drysdale|Capsicum on Linux]] | | [[Linux_Security_Summit_2014/Abstracts/Drysdale|Capsicum on Linux]] ''([http://kernsec.org/files/lss2014/drysdale_CapsicumLSSSlides.pdf slides])'' | ||
| David Drysdale, Google | | David Drysdale, Google | ||
|- | |- | ||
|14:45 | |14:45 | ||
| [[Linux_Security_Summit_2014/Abstracts/Kurmus|Quantifying and Reducing the Kernel Attack Surface]] | | [[Linux_Security_Summit_2014/Abstracts/Kurmus|Quantifying and Reducing the Kernel Attack Surface]] ''([http://kernsec.org/files/lss2014/kurmus_quantify_reduce_kernel_attack_surface.pdf slides])'' | ||
| Anil Kurmus, IBM | | Anil Kurmus, IBM | ||
|- | |- | ||
Line 64: | Line 67: | ||
|- | |- | ||
|15:45 | |15:45 | ||
| [[Linux_Security_Summit_2014/Abstracts/Safford|Extending the Linux Integrity Subsystem for TCB Protection]] | | [[Linux_Security_Summit_2014/Abstracts/Safford|Extending the Linux Integrity Subsystem for TCB Protection]] ''([http://kernsec.org/files/lss2014/safford_tcb_integrity.pdf slides])'' | ||
| David Safford & Mimi Zohar, IBM | | David Safford & Mimi Zohar, IBM | ||
|- | |- | ||
|16:30 | |16:30 | ||
| [[Linux_Security_Summit_2014/Abstracts/Cook_2|Trusted Kernel Lock-down Patch Series]] ( | | [[Linux_Security_Summit_2014/Abstracts/Cook_2|Trusted Kernel Lock-down Patch Series]] -- discussion ''([http://kernsec.org/files/lss2014/cook_lockdown.pdf slides])'' | ||
| Kees Cook, Google | | Kees Cook, Google | ||
|- | |- | ||
Line 83: | Line 86: | ||
|- | |- | ||
|09:00 | |09:00 | ||
| SELinux update | | SELinux update ''([http://kernsec.org/files/lss2014/lss-state_of_selinux-pmoore-082014-r1.pdf slides])'' | ||
| Paul Moore, Red Hat | | Paul Moore, Red Hat | ||
|- | |- | ||
|09:20 | |09:20 | ||
| AppArmor update | | AppArmor update ''([http://kernsec.org/files/lss2014/hicks_lss-2014-apparmor-review.pdf slides])'' | ||
| | | Tyler Hicks, Canonical | ||
|- | |- | ||
|09:40 | |09:40 | ||
| Integrity update | | Integrity update ''([http://kernsec.org/files/lss2014/zohar_LSS2014-LinuxIntegritySubsystem-status.pdf slides])'' | ||
| Mimi Zohar, IBM | | Mimi Zohar, IBM | ||
|- | |- | ||
|10:00 | |10:00 | ||
| Smack update | | Smack update ''([http://kernsec.org/files/lss2014/schaufler_201408-LinuxSecuritySummit-Smack.pdf slides])'' | ||
| Casey Schaufler, Intel | | Casey Schaufler, Intel | ||
|- | |- | ||
|''10:20'' | |''10:20'' | ||
Line 102: | Line 105: | ||
|- | |- | ||
|10:30 | |10:30 | ||
| Crypto update ''([http://kernsec.org/files/lss2014/xu-crypto-201408.odp slides])'' | |||
| Herbert Xu, Red Hat | |||
|- | |||
|10:50 | |||
| Seccomp update ''([http://kernsec.org/files/lss2014/cook_seccomp.pdf slides])'' | |||
| Kees Cook, Google | |||
|- | |||
|11:20 | |||
|colspan="2"| Break-out Session #1 | |colspan="2"| Break-out Session #1 | ||
|- | |- | ||
|''12:30'' | |||
|colspan="2"|''Lunch (self-funded at a nearby location)'' | |colspan="2"|''Lunch (self-funded at a nearby location)'' | ||
|- | |- | ||
| | |14:00 | ||
| [[Linux_Security_Summit_2014/Abstracts/Halcrow|EXT4 Encryption]] ( | | [[Linux_Security_Summit_2014/Abstracts/Halcrow|EXT4 Encryption]] - discussion ''([http://kernsec.org/files/lss2014/Halcrow_EXT4_Encryption.pdf slides])'' | ||
| Michael Halcrow & Ted Ts'o, Google | | Michael Halcrow & Ted Ts'o, Google | ||
|- | |- | ||
|'' | |''15:00'' | ||
| colspan="2"|''Break'' | | colspan="2"|''Break'' | ||
|- | |- | ||
| | |15:15 | ||
| [[Linux_Security_Summit_2014/Abstracts/Hallyn|Application Confinement with User Namespaces]] | | [[Linux_Security_Summit_2014/Abstracts/Hallyn|Application Confinement with User Namespaces]] ''([http://kernsec.org/files/lss2014/hallyn_namespaces.pdf slides])'' | ||
| Serge Hallyn & Stéphane Graber, Canonical | | Serge Hallyn & Stéphane Graber, Canonical | ||
|- | |- | ||
| | |16:00 | ||
|colspan="2"| Break-out Session #2 | |colspan="2"| Break-out Session #2 | ||
|- | |- | ||
Line 130: | Line 141: | ||
'''The CFP is now closed.''' | '''The CFP is now closed.''' | ||
The program committee currently seeks proposals for: | The program committee <s>currently seeks</s> sought proposals for: | ||
* Refereed Presentations: 45 minutes in length, including at least 10 minutes of discussion. Papers are encouraged. | * Refereed Presentations: 45 minutes in length, including at least 10 minutes of discussion. Papers are encouraged. |
Latest revision as of 01:22, 5 September 2014
Description
The Linux Security Summit (LSS) is a technical forum for collaboration between Linux developers, researchers, and end users. Its primary aim is to foster community efforts in analyzing and solving Linux security challenges.
The format of the summit will be:
- Refereed presentations
- Subsystem updates
- Breakout development sessions
Event
The Linux Security Summit for 2014 will be held across 18 and 19 August in Chicago, USA. It will be co-located with LinuxCon, along with the Kernel Summit and other events.
All attendees and presenters must be registered to attend LinuxCon.
The venue location is the 2nd Floor, "Superior" room A/B
Schedule
Day 1 (Monday 18th August)
Time | Title | Presenter |
---|---|---|
09:00 | Keynote Talk: Security and Boundaries (slides) (LWN coverage) | James Bottomley, Parallels |
09:50 | Break | |
10:00 | Verified Component Firmware (slides) | Kees Cook, Google |
10:45 | Protecting the Android TCB with SELinux (slides) (LWN coverage) | Stephen Smalley, NSA |
11:30 | Break | |
11:45 | Tizen, Security and the Internet of Things (slides) | Casey Schaufler, Intel |
12:30 | Lunch (self-funded at a nearby location) | |
14:00 | Capsicum on Linux (slides) | David Drysdale, Google |
14:45 | Quantifying and Reducing the Kernel Attack Surface (slides) | Anil Kurmus, IBM |
15:30 | Break | |
15:45 | Extending the Linux Integrity Subsystem for TCB Protection (slides) | David Safford & Mimi Zohar, IBM |
16:30 | Trusted Kernel Lock-down Patch Series -- discussion (slides) | Kees Cook, Google |
17:00 | Finish |
Day 2 (Tuesday 19th August)
Time | Title | Presenter |
---|---|---|
09:00 | SELinux update (slides) | Paul Moore, Red Hat |
09:20 | AppArmor update (slides) | Tyler Hicks, Canonical |
09:40 | Integrity update (slides) | Mimi Zohar, IBM |
10:00 | Smack update (slides) | Casey Schaufler, Intel |
10:20 | Break | |
10:30 | Crypto update (slides) | Herbert Xu, Red Hat |
10:50 | Seccomp update (slides) | Kees Cook, Google |
11:20 | Break-out Session #1 | |
12:30 | Lunch (self-funded at a nearby location) | |
14:00 | EXT4 Encryption - discussion (slides) | Michael Halcrow & Ted Ts'o, Google |
15:00 | Break | |
15:15 | Application Confinement with User Namespaces (slides) | Serge Hallyn & Stéphane Graber, Canonical |
16:00 | Break-out Session #2 | |
17:00 | Finish |
Call for Participation
The CFP is now closed.
The program committee currently seeks sought proposals for:
- Refereed Presentations: 45 minutes in length, including at least 10 minutes of discussion. Papers are encouraged.
- Discussion Topics: 30 minutes in length.
Topic areas include, but are not limited to:
- System hardening
- Access control
- Cryptography
- Integrity control
- Hardware security
- Networking
- Storage
- Virtualization
- Desktop
- Tools
- Management
- Case studies
- Emerging technologies, threats & techniques
Proposals should be submitted in plain text via email to the program
committee at: lss-pc (_at_) ext.namei.org
Abstracts should be approximately 150 words in total.
Program Committee
The Linux Security Summit for 2014 is organized by:
- James Morris, Oracle
- Serge Hallyn, Canonical
- Paul Moore, Red Hat
- Stephen Smalley, NSA
- Joshua Brindle, Quark Security
- Herbert Xu, Red Hat
- John Johansen, Canonical
- Kees Cook, Google
- Casey Schaufler, Intel
- Mimi Zohar, IBM
The program committee may be contacted as a group via email: lss-pc [at] lists.linuxfoundation.org