Loading…
The Sched app allows you to build your schedule but is not a substitute for your event registration. In addition, you must be registered for Linux Security Summit to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Pacific Daylight Time (PDT), UTC-7. Please select from the drop-down menu to the right to see the schedule in your preferred timezone above "Filter by Date."
Back To Schedule
Wednesday, September 29 • 4:45pm - 5:30pm
(VIRTUAL) Securing TPM Secrets in the Datacenter - Paul Moore, Microsoft & Joy Latten, Cisco

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
This talk will focus on how existing technologies such as UEFI Secure Boot, the UEFI shim bootloader, and TPM2 can be combined to provide a secure secret storage such that only authorized OSes are able to access the secrets. Further, the approach described in this presentation has been designed to function across lights-out firmware, bootloader, and system updates, making this solution appealing for datacenter systems with limited physical access. Additional discussion points will include considerations for unrestricted developer systems and reprovisioning the TPM2 in deployed systems. The first half of this presentation will discuss the ideas behind the design of our solution, including why a different approach was necessary. The second half of this presentation will describe our experience implementing this design and the lessons we learned along the way.

Speakers
avatar for Paul Moore

Paul Moore

Principal Software Engineer, Microsoft
Paul Moore has been involved in various Linux security efforts since 2004 at Hewlett-Packard, Red Hat, Cisco, and presently, Microsoft. He currently maintains the SELinux, audit, and labeled networking subsystems in the Linux Kernel as well as the libseccomp userspace library.
JL

Joy Latten

Software Engineer, Cisco
Member of the puzzleOS team at Cisco. Currently working on various security tasks for puzzleOS. Have worked on security projects in opensource for 18+ years.


Wednesday September 29, 2021 4:45pm - 5:30pm PDT
AccelEvents