Interoperability of trust: Device Standards, Container Standards, and the Missing Link.
Different devices have different levels of trust and security. These can range from being based on cryptography and secure provisioning – anything from hardware TPM through Secure Element to TEE/SGX to soft agents – to secure Root of Trust code, or on occasion there is just a certificate. When we come to use those, we need to distinguish who has access to those capabilities. This can be done with TrustZone, virtualization or Linux containers with or without SELinux or Kubernetes. The gaps between those two ends can be quite significant.
In this presentation, Jon Geater will introduce a set of considerations for the group that make it hard for an operating company to gain a consistent idea of how trusted all their different devices are, especially in a large device population. From this, they can then identify which threats they do or do not need to worry about in any given circumstance.
Chief Technology Officer, Thales e-Security, Inc.
Jon Geater is Chief Technology Officer for Thales eSecurity. Over his career he has had extensive experience of securing information systems from embedded components of a smart phone to international rail systems, smart energy networks, cloud computing platforms and worldwide payments infrastructure. He has held technology leadership roles in hi-tech companies such as Trustonic, ARM and nCipher.
Follow Jon on Twitter http://twitter.com/jongeater
[Contact mirko dot lindner at prplfoundation.org for details]