The schedule is still fluid at the moment as the final approved sessions are added. We appreciate your patience.
Thursday, May 22 • 10:30am - 11:20am
Protecting the Integrity of the Linux System - Dmitry Kasatkin, Samsung

Sign up or log in to save this to your schedule and see who's attending!

Runtime system integrity is protected by access control mechanisms. The Linux kernel provides Discretionary Access Control (DAC) and several Mandatory Access Control modules, such as SELinux, SMACK, Tomoyo, AppArmor. All of these assume trustworthiness of the access control related data. Integrity protection is required to ensure that offline modification of such data will not remain undetected.

This presentation will summarize the different methods of achieving integrity protection at different layers, compare them and will show how to use them to build integrity protected system. It will present the current state and future of the VFS level Linux kernel Integrity Subsystem, which allows since 3.7 to build integrity protected system, and compare it with block-level integrity protection modules, such as dm-integrity and dv-verity.


Dmitry Kasatkin

Principal SW Engineer, Huawei
Dmitry Kasatkin has been a Linux user since 1996 and a developer since 2000. His first major open source project was the Affix Bluetooth stack for Linux, which includes kernel space and user space components and was the first Nokia GPL Open Source project. In 2008 Dmitry's focus shifted... Read More →

Thursday May 22, 2014 10:30am - 11:20am

Attendees (0)