We all recognize that the world of open source technology is advancing rapidly. With such rapid change, how has that affected cloud computing, and in particular mature projects such as OpenStack? How does this change impact their technology, community and relationships with other related innovative open source efforts? In this session Alan will provide some insight into the latest cloud industry trends, the OpenStack community's adaptation to this change, and the ties to cloud use for business today and tomorrow.
The Linux kernel is the largest collaborative software development project ever. This talk will discuss exactly how Linux is developed, how fast it is happening, who is doing the work, and how we all stay sane keeping up with it. It will discuss the development model used, and how it differs from almost all "traditional" models of software development.
Thanks to work by Intel and Microsoft, TPMs are ubiquitous in today’s hardware, from tablets all the way to servers, and thanks to Microsoft, the most recent incarnation, TPM 2.0, is being deployed reasonably universally. TPMs can perform four essential functions: secure measurement and logging, secure signing, encryption, and private key escrow, data sealing, and attestation. (TPMs can be divided into two classes: the modern 2.0 incarnation required by Microsoft and used in the Surface and newer systems, and the older (and much more common) 1.2 system. Although this talk will mention the older 1.2 stack because it can do a significant subset of the 2.0 features, it will concentrate on 2.0, because that's the one James has in his laptop.) Most people have heard (at length) about measurement and all its problems. Here, we will explain how secure signing can be made to function where an external key is irretrievably placed into a TPM (so that neither hackers nor the cloud service provider can get it) and used to perform a variety of RSA authentication operations. The useful target for this is VPN, but there are a variety of other authentication systems for which this can be made to work. We also demonstrate how an existing RSA key can be wrapped for secure transmission to the TPM and then used via the OpenSSL engine functions, how an agreed PCR timer can make this key expire after an agreed interval, why it cannot ever be retrieved, and how the trust model actually works. And for the paranoid who don’t trust their own cloud provider, James covers how the TPM attestation functions can be used to verify that you weren’t tricked into wrapping the key for a software-based TPM, which could allow the trickster to steal your private key. James then explains how sequestered trust models like the TPM can be used in the industry to enhance security even in an apparently insecure environment.