Difference between revisions of "Linux Security Summit 2014"

From Linux Kernel Security Subsystem
Jump to navigation Jump to search
 
(20 intermediate revisions by 2 users not shown)
Line 17: Line 17:


All attendees and presenters must be registered to attend LinuxCon.
All attendees and presenters must be registered to attend LinuxCon.
'''The venue location is the 2nd Floor, "Superior" room A/B'''


= Schedule =
= Schedule =
Line 28: Line 31:
|-
|-
|09:00
|09:00
| <span style="color:navy">'''Keynote Talk'''</span>
| <span style="color:navy">'''Keynote Talk: Security and Boundaries'''</span> '''([http://www.hansenpartnership.com/SecuritySummit2014/ slides]) ([http://lwn.net/Articles/609003/ LWN coverage])'''
| [http://www.linux.com/news/special-feature/linux-developers/678568-30-linux-kernel-developers-in-30-weeks-james-bottomley James Bottomley], Parallels
| [http://www.linux.com/news/special-feature/linux-developers/678568-30-linux-kernel-developers-in-30-weeks-james-bottomley James Bottomley], Parallels
|-
|-
Line 35: Line 38:
|-
|-
|10:00
|10:00
| [[Linux_Security_Summit_2014/Abstracts/Cook_1|Verified Component Firmware]]
| [[Linux_Security_Summit_2014/Abstracts/Cook_1|Verified Component Firmware]] ''([http://kernsec.org/files/lss2014/cook_firmware.pdf slides])''
| Kees Cook, Google
| Kees Cook, Google
|-
|-
|10:45
|10:45
| [[Linux_Security_Summit_2014/Abstracts/Smalley|Protecting the Android TCB with SELinux]]
| [[Linux_Security_Summit_2014/Abstracts/Smalley|Protecting the Android TCB with SELinux]] ''([http://kernsec.org/files/lss2014/lss2014_androidtcb_smalley.pdf slides]) ([http://lwn.net/Articles/609511/ LWN coverage])''
| Stephen Smalley, NSA
| Stephen Smalley, NSA
|-
|-
Line 46: Line 49:
|-
|-
|11:45
|11:45
| [[Linux_Security_Summit_2014/Abstracts/Schaufler|Tizen, Security and the Internet of Things]]
| [[Linux_Security_Summit_2014/Abstracts/Schaufler|Tizen, Security and the Internet of Things]] ''([http://kernsec.org/files/lss2014/schaufler_201408-LinuxSecuritySummit-Tizen.pdf slides])''
| Casey Schaufler, Intel
| Casey Schaufler, Intel
|-
|-
Line 53: Line 56:
|-
|-
|14:00
|14:00
| [[Linux_Security_Summit_2014/Abstracts/Drysdale|Capsicum on Linux]]
| [[Linux_Security_Summit_2014/Abstracts/Drysdale|Capsicum on Linux]] ''([http://kernsec.org/files/lss2014/drysdale_CapsicumLSSSlides.pdf slides])''
| David Drysdale, Google
| David Drysdale, Google
|-
|-
|14:45
|14:45
| [[Linux_Security_Summit_2014/Abstracts/Kurmus|Quantifying and Reducing the Kernel Attack Surface]]  
| [[Linux_Security_Summit_2014/Abstracts/Kurmus|Quantifying and Reducing the Kernel Attack Surface]] ''([http://kernsec.org/files/lss2014/kurmus_quantify_reduce_kernel_attack_surface.pdf slides])''
| Anil Kurmus, IBM
| Anil Kurmus, IBM
|-
|-
Line 64: Line 67:
|-
|-
|15:45
|15:45
| [[Linux_Security_Summit_2014/Abstracts/Safford|Extending the Linux Integrity Subsystem for TCB Protection]]
| [[Linux_Security_Summit_2014/Abstracts/Safford|Extending the Linux Integrity Subsystem for TCB Protection]] ''([http://kernsec.org/files/lss2014/safford_tcb_integrity.pdf slides])''
| David Safford & Mimi Zohar, IBM
| David Safford & Mimi Zohar, IBM
|-
|-
|16:30
|16:30
| [[Linux_Security_Summit_2014/Abstracts/Cook_2|Trusted Kernel Lock-down Patch Series]] (discussion)  
| [[Linux_Security_Summit_2014/Abstracts/Cook_2|Trusted Kernel Lock-down Patch Series]] -- discussion ''([http://kernsec.org/files/lss2014/cook_lockdown.pdf slides])''
| Kees Cook, Google
| Kees Cook, Google
|-
|-
Line 83: Line 86:
|-
|-
|09:00
|09:00
| SELinux update
| SELinux update ''([http://kernsec.org/files/lss2014/lss-state_of_selinux-pmoore-082014-r1.pdf slides])''
| Paul Moore, Red Hat
| Paul Moore, Red Hat
|-
|-
|09:20
|09:20
| AppArmor update
| AppArmor update ''([http://kernsec.org/files/lss2014/hicks_lss-2014-apparmor-review.pdf slides])''
| TBA
| Tyler Hicks, Canonical
|-
|-
|09:40
|09:40
| Integrity update
| Integrity update ''([http://kernsec.org/files/lss2014/zohar_LSS2014-LinuxIntegritySubsystem-status.pdf slides])''
| Mimi Zohar, IBM
| Mimi Zohar, IBM
|-
|-
|10:00
|10:00
| Smack update
| Smack update ''([http://kernsec.org/files/lss2014/schaufler_201408-LinuxSecuritySummit-Smack.pdf slides])''
| Casey Schaufler, Intel
| Casey Schaufler, Intel  
|-
|-
|''10:20''
|''10:20''
Line 102: Line 105:
|-
|-
|10:30
|10:30
| Crypto update ''([http://kernsec.org/files/lss2014/xu-crypto-201408.odp slides])''
| Herbert Xu, Red Hat
|-
|10:50
| Seccomp update ''([http://kernsec.org/files/lss2014/cook_seccomp.pdf slides])''
| Kees Cook, Google
|-
|11:20
|colspan="2"| Break-out Session #1
|colspan="2"| Break-out Session #1
|-
|-
||''12:00''
|''12:30''
|colspan="2"|''Lunch (self-funded at a nearby location)''
|colspan="2"|''Lunch (self-funded at a nearby location)''
|-
|-
|13:30
|14:00
| [[Linux_Security_Summit_2014/Abstracts/Halcrow|EXT4 Encryption]] (discussion)
| [[Linux_Security_Summit_2014/Abstracts/Halcrow|EXT4 Encryption]] - discussion ''([http://kernsec.org/files/lss2014/Halcrow_EXT4_Encryption.pdf slides])''
| Michael Halcrow & Ted Ts'o, Google
| Michael Halcrow & Ted Ts'o, Google
|-
|-
|''14:30''
|''15:00''
| colspan="2"|''Break''
| colspan="2"|''Break''
|-
|-
|14:45
|15:15
| [[Linux_Security_Summit_2014/Abstracts/Hallyn|Application Confinement with User Namespaces]]  
| [[Linux_Security_Summit_2014/Abstracts/Hallyn|Application Confinement with User Namespaces]] ''([http://kernsec.org/files/lss2014/hallyn_namespaces.pdf slides])''
| Serge Hallyn & Stéphane Graber, Canonical
| Serge Hallyn & Stéphane Graber, Canonical
|-
|-
|15:30  
|16:00  
|colspan="2"| Break-out Session #2
|colspan="2"| Break-out Session #2
|-
|-

Latest revision as of 01:22, 5 September 2014

Description

The Linux Security Summit (LSS) is a technical forum for collaboration between Linux developers, researchers, and end users. Its primary aim is to foster community efforts in analyzing and solving Linux security challenges.

The format of the summit will be:

  • Refereed presentations
  • Subsystem updates
  • Breakout development sessions

Event

The Linux Security Summit for 2014 will be held across 18 and 19 August in Chicago, USA. It will be co-located with LinuxCon, along with the Kernel Summit and other events.

All attendees and presenters must be registered to attend LinuxCon.


The venue location is the 2nd Floor, "Superior" room A/B

Schedule

Day 1 (Monday 18th August)

Time Title Presenter
09:00 Keynote Talk: Security and Boundaries (slides) (LWN coverage) James Bottomley, Parallels
09:50 Break
10:00 Verified Component Firmware (slides) Kees Cook, Google
10:45 Protecting the Android TCB with SELinux (slides) (LWN coverage) Stephen Smalley, NSA
11:30 Break
11:45 Tizen, Security and the Internet of Things (slides) Casey Schaufler, Intel
12:30 Lunch (self-funded at a nearby location)
14:00 Capsicum on Linux (slides) David Drysdale, Google
14:45 Quantifying and Reducing the Kernel Attack Surface (slides) Anil Kurmus, IBM
15:30 Break
15:45 Extending the Linux Integrity Subsystem for TCB Protection (slides) David Safford & Mimi Zohar, IBM
16:30 Trusted Kernel Lock-down Patch Series -- discussion (slides) Kees Cook, Google
17:00 Finish

Day 2 (Tuesday 19th August)

Time Title Presenter
09:00 SELinux update (slides) Paul Moore, Red Hat
09:20 AppArmor update (slides) Tyler Hicks, Canonical
09:40 Integrity update (slides) Mimi Zohar, IBM
10:00 Smack update (slides) Casey Schaufler, Intel
10:20 Break
10:30 Crypto update (slides) Herbert Xu, Red Hat
10:50 Seccomp update (slides) Kees Cook, Google
11:20 Break-out Session #1
12:30 Lunch (self-funded at a nearby location)
14:00 EXT4 Encryption - discussion (slides) Michael Halcrow & Ted Ts'o, Google
15:00 Break
15:15 Application Confinement with User Namespaces (slides) Serge Hallyn & Stéphane Graber, Canonical
16:00 Break-out Session #2
17:00 Finish

Call for Participation

The CFP is now closed.

The program committee currently seeks sought proposals for:

  • Refereed Presentations: 45 minutes in length, including at least 10 minutes of discussion. Papers are encouraged.
  • Discussion Topics: 30 minutes in length.


Topic areas include, but are not limited to:

  • System hardening
  • Access control
  • Cryptography
  • Integrity control
  • Hardware security
  • Networking
  • Storage
  • Virtualization
  • Desktop
  • Tools
  • Management
  • Case studies
  • Emerging technologies, threats & techniques


Proposals should be submitted in plain text via email to the program committee at: lss-pc (_at_) ext.namei.org

Abstracts should be approximately 150 words in total.

Program Committee

The Linux Security Summit for 2014 is organized by:

  • James Morris, Oracle
  • Serge Hallyn, Canonical
  • Paul Moore, Red Hat
  • Stephen Smalley, NSA
  • Joshua Brindle, Quark Security
  • Herbert Xu, Red Hat
  • John Johansen, Canonical
  • Kees Cook, Google
  • Casey Schaufler, Intel
  • Mimi Zohar, IBM

The program committee may be contacted as a group via email: lss-pc [at] lists.linuxfoundation.org