Talking TUF: Securing
Software Distribution
Justin Cappos, Trishank Kuppusamy, Vladimir Diaz,
Santiago Torres, Sebastien Awwad, Lukas Puehringer
New York University
What do these companies have in common?
They all had a publicly disclosed software update hack!
Repository compromise impact
● SourceForge mirror distributed malware.
● Attackers impersonated Microsoft Windows Update to spread the Flame malware.
● RubyGems compromised with RCE.
● Opera users automatically installed malware signed by a compromised key.
● Node Packaged Modules (npm) compromised.
● Attacks on software updaters have massive impact
○ E.g. South Korea faced 765 million dollars in damages.
Commonly used (bad) techniques
● Why not sign all the software on a community repository?
● This way, we know whether or not attackers have tampered with software after a repository compromise.
● Couldn’t we already use previous systems (GPG or TLS) to do this?
The Problem with TLS
● Good
○ easy to set up
○ has nice lock icon users are trained to trust
● Bad
○ Lots of design / impl issues
○ Compromise repository -> game over
The Problem with GPG
● Good
○ Provides signatures of software packages with offline keys (private keys kept off the repository), so that attackers cannot tamper with packages after a repository compromise.
● Bad
○ Have to manually verify public keys.
○ Trust for anything usually implies trust for everything.
○ Furthermore, only 4% of software projects provide GPG signatures on PyPI, and 0.07% of users downloaded GPG signatures between March and April 2014.
2010-Present: The Update Framework (TUF)
● TUF is a secure software update framework.
● Built on ideas discussed with some folks from Tor.
● Plug-and-play (like TLS), but compromise resilient.
● Goal: support a wide array of different configurations
○ Support, don’t judge!
“Survivable Key Compromise in Software Update Systems” (CCS 2010).
Design Principles
● Responsibility Separation
● Multi-signature Trust
● Explicit and Implicit Revocation
● Minimize Individual Key and Role Risk
Design Principles: Responsibility Separation
● Delegate roles to divide responsibilities.
● Figure: responsibility for content (which packages are valid) is separated from responsibility for timeliness (whether this is the latest information).
Design Principles: Minimize Individual Key and Role Risk
● Compromise Risk = Probability x Impact
● Root: high-impact role? => highly-secure (offline) keys.
● Timeliness: online keys? => low-impact role.
Design Principles: Multi-signature Trust
● (t, n) signature threshold required for trust.
● Figure: with a signature threshold of two (keys A and B), an attacker who compromises key A alone can sign nothing clients will accept. No risk to clients.
Design Principles: Explicit and Implicit Revocation
● Figure: keys A, B and C with a signature threshold of two. A compromised key is revoked explicitly when the remaining keys sign new metadata that no longer lists it, and implicitly when the metadata it signed expires.
Design
● Roles: Root, Targets (projects), Timestamp, Snapshot.
Malware attack
● Figure: the repository hosts django-1.7.1.tar.gz, bcrypt-1.1.1.tar.gz, flask-0.10.tar.gz and django-1.8.tar.gz. Once the repository is compromised, the user who downloads django-1.8.tar.gz receives malware.
Versions of metadata
● Just as there are different versions of packages, there are different versions of metadata corresponding to the different versions of packages. Developers publish packages; the repository metadata lists them:
○ metadata version 1: packages: django-1.7.1.tar.gz (hash: X)
○ metadata version 2: packages: django-1.8.tar.gz (hash: Y), django-1.7.1.tar.gz (hash: X)
● The version number of a metadata file (e.g. 2) does not correspond with the version number of packages (e.g. 1.7.1).
Replay attack
● Figure: the current metadata versions are django 4, bcrypt 5, flask 2. An attacker replays older metadata (django 3, bcrypt 2, flask 1) whose signatures still verify, so the user installs old and vulnerable packages.
TUF: eager verification
● Figure: developers sign per-package metadata (django, bcrypt, flask), each file carrying the package hash and a metadata version number. An administrator signs snapshot metadata listing the hash of every package metadata file.
● User downloads all package metadata to verify the snapshot metadata.
● Why? To prevent replay attacks, and not blindly trust administrators.
TUF: snapshot
● Adds a “snapshot” of all metadata/packages.
● Figure: the client compares against the newest snapshot it has downloaded (django 4, bcrypt 5, flask 2), even though those packages are not installed yet. A replayed snapshot (django 4, bcrypt 2, flask 1) matches the packages that are installed, but only with obsolete metadata, so it is detected as a replay.
Secure lazy verification
● Figure: the same repository, but the administrator's snapshot metadata now records the version number of each package's metadata instead of its hash.
● User downloads only the snapshot + the desired package metadata!
● Trust administrators to specify accurate snapshot metadata.
Version checking
● Compact “snapshot” of all metadata/packages.
● Figure: as before, the client compares the versions in the newest snapshot it has downloaded (django 4, bcrypt 5, flask 2) against any later snapshot; one that lists django 4, bcrypt 2, flask 1 (the obsolete metadata of the installed packages) is rejected as a replay.
Is this as secure as hash checking?
● So what security attacks have we given up?
○ Not malware attacks, because package metadata
still signed with offline developer keys.
○ Not replay attacks, because snapshot metadata
cannot specify older version numbers.
Fast-forward attack
● Figure: an attacker who has compromised the repository (and its online snapshot key) publishes a snapshot listing django 4, bcrypt 5000, flask 2000. The client downloads these version numbers but installs nothing: the genuine package metadata is django 4, bcrypt 5, flask 2, so the version mismatch means the download is denied.
● Only a mild, denial-of-service attack.
Okay, but is it as secure as hash checking?
Yes!
● Fast-forward DoS (~= dropping requests)
○ Address by resetting version numbers after key revocation.
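The version checks from the snapshot, replay and fast-forward slides above, as an added Python example that is not code from the TUF project. It models a client that remembers the newest snapshot it has seen (not merely what is installed), refuses any snapshot that moves a version backwards, refuses downloaded metadata whose version disagrees with the snapshot, and resets after a key revocation. Role names and version numbers are the ones on the slides; the class, method and exception names are this example's own, and signature verification is deliberately left out so the versioning logic stays visible.

```python
class RollbackError(Exception):
    """The new snapshot would move some metadata version backwards (replay)."""


class VersionMismatch(Exception):
    """Downloaded metadata does not carry the version the trusted snapshot promised."""


class SnapshotClient:
    def __init__(self, trusted=None):
        # Highest metadata version seen per role, persisted between runs.  Compare against
        # this, never against what happens to be installed: the replay on the slides matches
        # the installed packages, but not the newest snapshot the client has already seen.
        self.trusted = dict(trusted or {})

    def update_snapshot(self, new: dict) -> dict:
        for name, version in new.items():
            if version < self.trusted.get(name, 0):
                raise RollbackError(f"{name}: snapshot says v{version}, already saw v{self.trusted[name]}")
        vanished = set(self.trusted) - set(new)
        if vanished:  # a role may not silently disappear from the snapshot either
            raise RollbackError(f"snapshot dropped {sorted(vanished)}")
        self.trusted.update(new)
        return dict(self.trusted)

    def accept_role_metadata(self, name: str, downloaded_version: int) -> bool:
        # Lazy verification: only the version number is compared, so the client does not
        # have to download every metadata file to check the snapshot.
        expected = self.trusted[name]
        if downloaded_version != expected:
            raise VersionMismatch(f"{name}: got v{downloaded_version}, snapshot says v{expected}")
        return True

    def reset_after_key_revocation(self, names) -> None:
        # After root revokes a compromised snapshot key, forget the versions that key vouched
        # for, so the honest (lower) versions are accepted again.
        for name in names:
            self.trusted.pop(name, None)


# Constructed scenarios mirroring the slides.
LATEST = {"django": 4, "bcrypt": 5, "flask": 2}       # newest metadata downloaded
INSTALLED = {"django": 4, "bcrypt": 2, "flask": 1}    # installed packages, obsolete metadata


def demo_replay() -> str:
    client = SnapshotClient(LATEST)
    try:
        client.update_snapshot(INSTALLED)             # attacker replays the older snapshot
        return "accepted"
    except RollbackError:
        return "rejected"


def demo_fast_forward() -> tuple:
    client = SnapshotClient(LATEST)
    # An attacker holding the online snapshot key can only push the version numbers up ...
    client.update_snapshot({"django": 4, "bcrypt": 5000, "flask": 2000})
    try:
        # ... but cannot forge developer-signed bcrypt metadata at v5000; the genuine file
        # is still v5, so the client refuses it.  Denial of service, not a malicious install.
        client.accept_role_metadata("bcrypt", 5)
        first = "installed"
    except VersionMismatch:
        first = "denied"
    # Recovery: root revokes the snapshot key and the client resets the affected versions.
    client.reset_after_key_revocation(["bcrypt", "flask"])
    client.update_snapshot(LATEST)
    second = "installed" if client.accept_role_metadata("bcrypt", 5) else "denied"
    return first, second
```

The reset is the step the slide calls "resetting version numbers after key revocation": without it the honest v5 would be refused forever, because the client would keep trusting the attacker's v5000.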
Example setup for TUF
1. Responsibility separation (roles)
2. Multi-signature trust (a.k.a. two-man rule).
a. some roles like root may need multiple signatures from keys
3. Explicit and implicit revocation of keys.
a. individual roles / keys time out
4. Minimizing risk (with offline keys).
5. Further selective delegation from targets role.
a. Gives trust without sharing keys, etc.
Figure: TUF role layout. The root role (offline keys) signs the root keys for the timestamp, snapshot and targets roles. Timestamp and snapshot use online keys and sign metadata about the current metadata/packages; targets (offline keys) signs metadata for target packages and delegates packages to further roles: A1 signs for A.*, BC signs for B.* and C.*, and A2 signs for *.pkg. Example packages: A.pkg, B.tar, C.gz.
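The design principles above (a (t, n) signature threshold, explicit revocation by re-keying the role, implicit revocation by expiry) together with the delegation layout in this figure, as one added Python example; it is not code from the TUF project. The "signature" here is a stand-in (an HMAC-SHA256 tag over canonical JSON with a shared secret), so the verifier holds the same secrets as the signers; real TUF uses public-key signatures, and only the threshold, revocation and delegation logic is the point. Role names A1, BC, A2 and the paths A.*, B.*, C.*, *.pkg come from the figure; the keys, expiry dates, hashes and function names are constructed for the example.

```python
import fnmatch
import hashlib
import hmac
import json
from datetime import datetime, timezone

# Stand-in "signature": HMAC-SHA256 over canonical JSON with a shared secret (constructed
# for this example; real TUF uses Ed25519/RSA/ECDSA public-key signatures).

def canonical(obj) -> bytes:
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def keyid(secret: bytes) -> str:
    return hashlib.sha256(secret).hexdigest()[:16]

def make_metadata(signed: dict, *secrets: bytes) -> dict:
    """Sign `signed` once per secret; each signature names the signing key's keyid."""
    sigs = [{"keyid": keyid(s), "sig": hmac.new(s, canonical(signed), hashlib.sha256).hexdigest()}
            for s in secrets]
    return {"signed": signed, "signatures": sigs}

class VerifyError(Exception):
    pass

def verify_role(metadata: dict, role: dict, keys: dict, now: datetime) -> dict:
    """(t, n) trust: at least role["threshold"] distinct keyids listed in role["keyids"] must
    have verifying signatures; unauthorized or unknown keyids are ignored, never counted.
    Expiry is the implicit revocation: enough signatures do not rescue expired metadata."""
    signed, valid = metadata["signed"], set()
    for sig in metadata["signatures"]:
        kid = sig["keyid"]
        if kid not in role["keyids"] or kid not in keys:
            continue
        expected = hmac.new(keys[kid], canonical(signed), hashlib.sha256).hexdigest()
        if hmac.compare_digest(expected, sig["sig"]):
            valid.add(kid)
    if len(valid) < role["threshold"]:
        raise VerifyError(f"{len(valid)} valid signature(s), threshold is {role['threshold']}")
    if datetime.fromisoformat(signed["expires"]) <= now:
        raise VerifyError("metadata expired")
    return signed

def resolve_delegation(targets_signed: dict, path: str):
    """First delegated role whose path patterns match `path`; delegation order matters."""
    for r in targets_signed.get("delegations", {}).get("roles", []):
        if any(fnmatch.fnmatchcase(path, pat) for pat in r["paths"]):
            return r
    return None

# Constructed keys, clock and metadata.
KEY_A, KEY_B, KEY_C = b"secret-A", b"secret-B", b"secret-C"
KEYS = {keyid(k): k for k in (KEY_A, KEY_B, KEY_C)}
NOW = datetime(2016, 10, 1, tzinfo=timezone.utc)
FUTURE, PAST = "2017-01-01T00:00:00+00:00", "2016-01-01T00:00:00+00:00"

def role(*secrets: bytes, threshold: int) -> dict:
    return {"keyids": [keyid(s) for s in secrets], "threshold": threshold}

def accepted(metadata: dict, r: dict) -> bool:
    try:
        verify_role(metadata, r, KEYS, NOW)
        return True
    except VerifyError:
        return False

def demo_threshold_and_revocation() -> dict:
    signed = {"_type": "root", "version": 1, "expires": FUTURE}
    two_of_ab = role(KEY_A, KEY_B, threshold=2)                  # root needs both A and B
    results = {
        "A only": accepted(make_metadata(signed, KEY_A), two_of_ab),
        "A and B": accepted(make_metadata(signed, KEY_A, KEY_B), two_of_ab),
        "A and C": accepted(make_metadata(signed, KEY_A, KEY_C), two_of_ab),  # C not authorized
        "A twice": accepted(make_metadata(signed, KEY_A, KEY_A), two_of_ab),  # one key, one vote
        "A and B, expired": accepted(make_metadata({**signed, "expires": PAST}, KEY_A, KEY_B), two_of_ab),
    }
    two_of_bc = role(KEY_B, KEY_C, threshold=2)  # explicit revocation: new root drops A, adds C
    results["A and B after A revoked"] = accepted(make_metadata(signed, KEY_A, KEY_B), two_of_bc)
    results["B and C after A revoked"] = accepted(make_metadata(signed, KEY_B, KEY_C), two_of_bc)
    return results

# targets delegates, in order: A.* to A1 (key A), B.* and C.* to BC (key B or C), *.pkg to A2 (key C).
TARGETS = {"_type": "targets", "version": 3, "expires": FUTURE, "targets": {}, "delegations": {"roles": [
    {"name": "A1", "paths": ["A.*"], **role(KEY_A, threshold=1)},
    {"name": "BC", "paths": ["B.*", "C.*"], **role(KEY_B, KEY_C, threshold=1)},
    {"name": "A2", "paths": ["*.pkg"], **role(KEY_C, threshold=1)},
]}}

def _targets(entries: dict, secret: bytes) -> dict:
    return make_metadata({"_type": "targets", "version": 1, "expires": FUTURE, "targets": entries}, secret)

# Delegated metadata as the repository serves it.  A2's file was signed with key A, which
# its delegation does not list: delegation gives trust without sharing keys.
REPO = {"A1": _targets({"A.pkg": {"hashes": {"sha256": "aa" * 32}}}, KEY_A),
        "BC": _targets({"B.tar": {"hashes": {"sha256": "bb" * 32}},
                        "C.gz": {"hashes": {"sha256": "cc" * 32}}}, KEY_B),
        "A2": _targets({"Z.pkg": {"hashes": {"sha256": "dd" * 32}}}, KEY_A)}

def trusted_hash(path: str):
    """Resolve the delegation for `path`, verify that role's metadata, return its sha256 or None."""
    r = resolve_delegation(TARGETS, path)
    if r is None:
        return None
    try:
        signed = verify_role(REPO[r["name"]], r, KEYS, NOW)
    except VerifyError:
        return None
    return signed["targets"].get(path, {}).get("hashes", {}).get("sha256")
```

Two details worth noticing: the same key signing twice counts once (a threshold is over distinct authorized keys, not over signature entries), and A.pkg resolves to A1 rather than A2 even though both patterns match, because delegations are consulted in order.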
Multi-trust signatures
● Can require multiple signatures for a role
○ Some keys can be lost / compromised and things work
>>> from tuf.repository_tool import *
>>> repository = create_new_repository("repository/")
>>> public_root_key = import_rsa_publickey_from_file("keystore/root_key.pub")
>>> repository.root.add_verification_key(public_root_key)
>>> public_root_key2 = import_rsa_publickey_from_file("keystore/root_key2.pub")
>>> repository.root.add_verification_key(public_root_key2)
>>> # Threshold of each role defaults to 1.
>>> repository.root.threshold
1
>>> # Require both root keys. Load the private keys (prompts for each passphrase),
>>> # then write and sign the new root file.
>>> repository.root.threshold = 2
>>> private_root_key = import_rsa_privatekey_from_file("keystore/root_key")
>>> private_root_key2 = import_rsa_privatekey_from_file("keystore/root_key2")
>>> repository.root.load_signing_key(private_root_key)
>>> repository.root.load_signing_key(private_root_key2)
>>> repository.writeall()
Target (Project) Delegation in PyPI (PEP 480)
Standardization process (TAPs)
● Lots of good suggestions for changes to TUF
● Formal TUF Augmentation Proposal (TAP) process
○ Discuss ideas, when ‘close’ send TAP
○ We review closely
○ Test implementation
○ Approve
○ (Read TAPs 1 and 2 for details)
https://github.com/theupdateframework/taps/blob/master/tap1.md
Standardization process (TAPs cont...)
● TAP 3 -- multi-role signatures (Evan / Jake)
○ Alice AND Bob must both sign package A
○ Lets one have ‘unequal’ quorums
● TAP 4 -- pinning repository keys (Evan / Jake)
○ The user can control the root of trust for parts of the namespace
■ Root role compromise no longer means game over!
● TAP 5 -- specify URLs in root files
○ Makes it easy to change the repo location
● TAP 6 -- version numbers in root metadata (David)
● TAP ? -- hash chaining of timestamp metadata (???)
○ Coming soon?
Integrations of TUF (some on-going)
Related effort: Uptane (securing automotive software updates)
Uptane: Securely updating automobiles
Work closely with vendors, OEMs, etc.
● Security reps from 79% of US cars
● Many top suppliers / vendors
Account for deployment concerns
● Solutions are only useful if deployed
● Accommodate existing infrastructure,
business relationships, etc.
Standardize and harden
● Working toward SAE certification
● Professional security audit
● Free / open source, detailed tests /
Uptane: Securely updating automobiles
Current design
● Figure: each ECU holds the latest downloaded metadata, the latest downloaded encrypted image, the previous metadata, the ECU keys, and the bootloader.
Uptane Timeline
● Current tasks:
○ High level spec (complete!)
○ Multi-group security analysis (complete!)
○ Detailed impl specification (RFC-style) (?complete??)
○ Reference implementation (in progress)
○ Compliance test cases (in progress)
○ Deployment recommendations document (in progress)
● Upcoming:
○ Technology demonstration (Oct 18)
○ Public security review
○ SAE Standardization
Future work: healthcare, infrastructure too
Healthcare systems:
● Often antiquated OSes / systems
● Only certified in a specific configurations
● Increasingly targeted
Infrastructure:
● Often antiquated OSes / systems
● Reliability is the focus, not security
○ Remote access needed
Security issues can have catastrophic impact!
Related effort: Toto (securing the software supply chain)
Toto: Overview
● Project owner: defines what needs to be done (the Layout).
● Functionaries: perform the steps and provide evidence (one Link per step).
● End user: verifies the Links and the Final Product against the Layout.
Toto: Overview
Project owner
Defines the steps that are required in this project’s software
supply chain
Layout
● Only Alice and Bob can commit to
this VCS
● The build will be made using the
company’s Gradle buildserver
● The project will be added to a
docker recipe by Carl
● ...
Toto: Overview (Functionaries)
Perform steps and provide evidence as link metadata:
● Alice: I committed to the VCS
● Gradle buildserver: I compiled
alice’s commit
● Carl: I pulled and made a docker
image of all of this
Toto: Overview (End user)
Verifies the link metadata and the final product against the layout.
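The three-party check described in the overview above (layout from the project owner, links from the functionaries, verification by the end user), as an added Python example modelled on the slides; it is not the toto/in-toto implementation. The link "signatures" are a stand-in (HMAC-SHA256 over canonical JSON with a per-functionary secret) rather than real public-key signatures, the layout format (`authorized`, `materials_from`) is this example's own simplification of artifact rules, and the functionary names, artifacts and hashes are constructed.

```python
import hashlib
import hmac
import json

def canonical(obj) -> bytes:
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def tag(secret: bytes, signed: dict) -> str:
    # Stand-in signature for the example; the real system uses public-key signatures.
    return hmac.new(secret, canonical(signed), hashlib.sha256).hexdigest()

def make_link(step: str, functionary: str, secret: bytes, materials: dict, products: dict) -> dict:
    """Link metadata: what a functionary consumed (materials) and produced (products), signed."""
    signed = {"step": step, "by": functionary, "materials": materials, "products": products}
    return {"signed": signed, "sig": tag(secret, signed)}

class LayoutViolation(Exception):
    pass

def verify(layout: dict, links: dict, final_product: bytes, keys: dict) -> bool:
    """End-user check: every step has a link from an authorized functionary with a valid
    signature, each step's materials are exactly the previous step's products, and the
    final product is among the last step's products."""
    previous_products = None
    for step in layout["steps"]:
        link = links.get(step["name"])
        if link is None:
            raise LayoutViolation(f"no link for step {step['name']}")
        signed, who = link["signed"], link["signed"]["by"]
        if who not in step["authorized"]:
            raise LayoutViolation(f"{who} is not authorized for step {step['name']}")
        if signed["step"] != step["name"] or who not in keys \
                or not hmac.compare_digest(tag(keys[who], signed), link["sig"]):
            raise LayoutViolation(f"bad signature on link for {step['name']}")
        if step["materials_from"] is not None and signed["materials"] != previous_products:
            raise LayoutViolation(f"{step['name']} consumed artifacts that "
                                  f"{step['materials_from']} did not produce")
        previous_products = signed["products"]
    if sha256(final_product) not in previous_products.values():
        raise LayoutViolation("final product does not match the last step's products")
    return True

# Project owner's layout: who may perform each step, and which step feeds which.
LAYOUT = {"steps": [
    {"name": "commit", "authorized": ["alice", "bob"], "materials_from": None},
    {"name": "build", "authorized": ["gradle-buildserver"], "materials_from": "commit"},
    {"name": "package", "authorized": ["carl"], "materials_from": "build"},
]}
KEYS = {"alice": b"k-alice", "bob": b"k-bob", "gradle-buildserver": b"k-gradle",
        "carl": b"k-carl", "mallory": b"k-mallory"}

# Constructed artifacts flowing through the chain.
SOURCE, JAR, IMAGE = b"print('hello')\n", b"<jar bytes>", b"<docker image bytes>"
SRC = {"src/main.py": sha256(SOURCE)}
BUILT = {"build/app.jar": sha256(JAR)}
PACKAGED = {"app-image.tar": sha256(IMAGE)}

def honest_links() -> dict:
    return {
        "commit": make_link("commit", "alice", KEYS["alice"], {}, SRC),
        "build": make_link("build", "gradle-buildserver", KEYS["gradle-buildserver"], SRC, BUILT),
        "package": make_link("package", "carl", KEYS["carl"], BUILT, PACKAGED),
    }

def outcome(links: dict, final_product: bytes = IMAGE) -> str:
    try:
        verify(LAYOUT, links, final_product, KEYS)
        return "ok"
    except LayoutViolation as e:
        return str(e)

def demo() -> dict:
    tampered = honest_links()   # Carl packaged a jar the build server never produced
    tampered["package"] = make_link("package", "carl", KEYS["carl"],
                                    {"build/app.jar": sha256(b"<backdoored jar>")}, PACKAGED)
    rogue = honest_links()      # Mallory is not allowed to commit to this project
    rogue["commit"] = make_link("commit", "mallory", KEYS["mallory"], {}, SRC)
    return {"honest": outcome(honest_links()),
            "tampered build output": outcome(tampered),
            "unauthorized committer": outcome(rogue),
            "wrong final product": outcome(honest_links(), b"<something else>")}
```

The substitution case is the one worth studying: every link is well-formed and correctly signed, and the only thing that gives the attack away is that the hash Carl consumed is not the hash the build server produced.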
Timeline
● Currently:
○ High level spec (release coming ~1 week)
○ Reference implementation (“complete” ~1-2 weeks)
● Upcoming:
○ Internal use (~2-3 weeks)
○ Compliance test cases (~3 weeks)
○ External beta testing (~1-2 mo)
○ Broad public release (???)
Wrapping up
Conclusion
● Securing software distribution, etc. is hard
● Notary provides strong guarantees for Docker containers
● Use TAPs to get changes into TUF (let’s discuss first)
● Let’s work together!
○ https://github.com/theupdateframework/
○ https://github.com/uptane
○ https://github.com/toto-framework
Thanks!
Questions?
https://theupdateframework.com
https://isis.poly.edu/~jcappos/
jcappos@nyu.edu
My background... (2003-2008)
● Built the first package manager designed specifically for OSVMs (Stork)
○ Deployed on the research infrastructure “PlanetLab”
■ Practical experience: thousands of VM instances over 8 years of use
○ Packages are cached in a special VM and shared
■ Disk, memory, and bandwidth savings
■ Additional security risks [USENIX ATC 2005], [LISA 2007]
2008: Attacks on Linux package managers
● By changing unsigned metadata, we can compromise users.
● No protection against:
○ Arbitrary package attacks
○ Extraneous dependencies
○ Replay attacks
○ Mix-and-match attacks
“A Look in the Mirror: Attacks on Package Managers”
(CCS 2008).
Fixing Linux package managers
● Disclosed these security attacks via CERT (VU#230187).
● Major vendors have adopted our security architecture.
2009: Mission accomplished!
...or is it???
2009: Tor
● Tor: “We heard about your work. Can you help us fix our software
updater?”
● Security is simple, right?
● How hard can this be anyway?
Thandy (Tor)
● The Thandy software updater for
Tor
○ A quorum of keys for root of trust.
○ Signing by different
compartmentalized key types.
○ Use online keys only to prevent freeze
attacks and
bound trust window.
○ ...still not enough.
● Still found 8 security problems.
● Building your own secure software
updater is not trivial.

 
How to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker BuildHow to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker BuildDocker, Inc.
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSDocker, Inc.
 
Securing Your Containerized Applications with NGINX
Securing Your Containerized Applications with NGINXSecuring Your Containerized Applications with NGINX
Securing Your Containerized Applications with NGINXDocker, Inc.
 
How To Build and Run Node Apps with Docker and Compose
How To Build and Run Node Apps with Docker and ComposeHow To Build and Run Node Apps with Docker and Compose
How To Build and Run Node Apps with Docker and ComposeDocker, Inc.
 
Hands-on Helm
Hands-on Helm Hands-on Helm
Hands-on Helm Docker, Inc.
 
Distributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at SalesforceDistributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at SalesforceDocker, Inc.
 
The First 10M Pulls: Building The Official Curl Image for Docker Hub
The First 10M Pulls: Building The Official Curl Image for Docker HubThe First 10M Pulls: Building The Official Curl Image for Docker Hub
The First 10M Pulls: Building The Official Curl Image for Docker HubDocker, Inc.
 
Monitoring in a Microservices World
Monitoring in a Microservices WorldMonitoring in a Microservices World
Monitoring in a Microservices WorldDocker, Inc.
 
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...Docker, Inc.
 
Predicting Space Weather with Docker
Predicting Space Weather with DockerPredicting Space Weather with Docker
Predicting Space Weather with DockerDocker, Inc.
 
Become a Docker Power User With Microsoft Visual Studio Code
Become a Docker Power User With Microsoft Visual Studio CodeBecome a Docker Power User With Microsoft Visual Studio Code
Become a Docker Power User With Microsoft Visual Studio CodeDocker, Inc.
 
How to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container RegistryHow to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container RegistryDocker, Inc.
 
Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!Docker, Inc.
 
Kubernetes at Datadog Scale
Kubernetes at Datadog ScaleKubernetes at Datadog Scale
Kubernetes at Datadog ScaleDocker, Inc.
 
Labels, Labels, Labels
Labels, Labels, Labels Labels, Labels, Labels
Labels, Labels, Labels Docker, Inc.
 
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment ModelUsing Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment ModelDocker, Inc.
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSDocker, Inc.
 
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...Docker, Inc.
 
Developing with Docker for the Arm Architecture
Developing with Docker for the Arm ArchitectureDeveloping with Docker for the Arm Architecture
Developing with Docker for the Arm ArchitectureDocker, Inc.
 

Mehr von Docker, Inc. (20)

Containerize Your Game Server for the Best Multiplayer Experience
Containerize Your Game Server for the Best Multiplayer Experience Containerize Your Game Server for the Best Multiplayer Experience
Containerize Your Game Server for the Best Multiplayer Experience
 
How to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker BuildHow to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker Build
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWS
 
Securing Your Containerized Applications with NGINX
Securing Your Containerized Applications with NGINXSecuring Your Containerized Applications with NGINX
Securing Your Containerized Applications with NGINX
 
How To Build and Run Node Apps with Docker and Compose
How To Build and Run Node Apps with Docker and ComposeHow To Build and Run Node Apps with Docker and Compose
How To Build and Run Node Apps with Docker and Compose
 
Hands-on Helm
Hands-on Helm Hands-on Helm
Hands-on Helm
 
Distributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at SalesforceDistributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at Salesforce
 
The First 10M Pulls: Building The Official Curl Image for Docker Hub
The First 10M Pulls: Building The Official Curl Image for Docker HubThe First 10M Pulls: Building The Official Curl Image for Docker Hub
The First 10M Pulls: Building The Official Curl Image for Docker Hub
 
Monitoring in a Microservices World
Monitoring in a Microservices WorldMonitoring in a Microservices World
Monitoring in a Microservices World
 
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
 
Predicting Space Weather with Docker
Predicting Space Weather with DockerPredicting Space Weather with Docker
Predicting Space Weather with Docker
 
Become a Docker Power User With Microsoft Visual Studio Code
Become a Docker Power User With Microsoft Visual Studio CodeBecome a Docker Power User With Microsoft Visual Studio Code
Become a Docker Power User With Microsoft Visual Studio Code
 
How to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container RegistryHow to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container Registry
 
Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!
 
Kubernetes at Datadog Scale
Kubernetes at Datadog ScaleKubernetes at Datadog Scale
Kubernetes at Datadog Scale
 
Labels, Labels, Labels
Labels, Labels, Labels Labels, Labels, Labels
Labels, Labels, Labels
 
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment ModelUsing Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWS
 
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
 
Developing with Docker for the Arm Architecture
Developing with Docker for the Arm ArchitectureDeveloping with Docker for the Arm Architecture
Developing with Docker for the Arm Architecture
 

KĂŒrzlich hochgeladen

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel AraĂșjo
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Principled Technologies
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 

KĂŒrzlich hochgeladen (20)

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 

Talking TUF: Securing Software Distribution

  • 12. Design Principles
    ● Minimize individual key and role risk.
    ● Compromise risk = probability × impact.
  • 13. Minimize Role & Key Risk
    ● High-impact role (e.g. root)? => highly secure keys.
    ● Needs online keys (e.g. for timeliness)? => keep it a low-impact role.
  • 15. Multi-signature Trust
    ● Signature threshold: two signatures, from keys A and B.
    ● If only key A is compromised, the attacker cannot reach the threshold: no risk to clients.
  • 17. Explicit and Implicit Revocation
    ● Signature threshold: two signatures.
    ● Explicit revocation: root replaces the compromised key B with a new key C; signatures by B no longer count toward the threshold.
    ● Implicit revocation: metadata signed by the old key set expires on its own, so stale signatures stop being accepted without any further action.
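Slides 15 and 17 show threshold signing and the two kinds of revocation as diagrams. The following is an added example, not code from the slides or from the TUF project, that implements the rule a TUF client applies when it verifies a role: count the distinct signatures from keys the current root lists for that role, require at least the threshold, and refuse expired metadata. The keys, metadata and case names are constructed for the walkthrough, and HMAC-SHA256 stands in for a real public-key signature scheme (an assumption made so the block runs on the standard library alone; in TUF the root file carries only public keys).

```python
import hashlib
import hmac
import json
from datetime import datetime, timezone

# Assumption, and not TUF's real cryptography: HMAC-SHA256 stands in for a
# public-key signature so that this runs on the standard library alone. In
# TUF the root file lists only public keys (Ed25519/RSA/ECDSA); here a "key"
# is a shared secret and its keyid is the SHA-256 fingerprint of that secret.
def keyid(key):
    return hashlib.sha256(key).hexdigest()

def canonical(signed):
    # Sign a canonical encoding so re-serialising cannot change the signed bytes.
    return json.dumps(signed, sort_keys=True, separators=(",", ":")).encode()

def sign(key, signed):
    return {"keyid": keyid(key), "sig": hmac.new(key, canonical(signed), "sha256").hexdigest()}

def signature_ok(key, signed, sig):
    return hmac.compare_digest(hmac.new(key, canonical(signed), "sha256").hexdigest(), sig)

class ThresholdError(Exception):
    pass

class ExpiredError(Exception):
    pass

def verify_role(metadata, role_keys, threshold, now):
    """Accept `metadata` only if at least `threshold` distinct keys that the
    trusted root currently lists for the role signed it, and it has not expired.
    role_keys maps keyid -> key, exactly as the current root metadata says."""
    signed = metadata["signed"]
    valid = set()
    for s in metadata["signatures"]:
        key = role_keys.get(s["keyid"])   # keyid absent from root (unknown or revoked): ignored
        if key is not None and signature_ok(key, signed, s["sig"]):
            valid.add(s["keyid"])         # one key signing twice still counts once
    if len(valid) < threshold:
        raise ThresholdError("%d valid signature(s), need %d" % (len(valid), threshold))
    if datetime.fromisoformat(signed["expires"]) <= now:
        raise ExpiredError("metadata expired at " + signed["expires"])

# Constructed keys and metadata for the walkthrough, not from any real repository.
KEY_A, KEY_B, KEY_C = b"secret-A", b"secret-B", b"secret-C"

def targets_metadata(expires):
    return {"_type": "targets", "version": 2, "expires": expires,
            "targets": {"django-1.8.tar.gz": {"hashes": {"sha256": "Y"}}}}

def signed_by(md, *keys):
    return {"signed": md, "signatures": [sign(k, md) for k in keys]}

def outcome(metadata, role_keys, threshold, now):
    try:
        verify_role(metadata, role_keys, threshold, now)
        return "accepted"
    except (ThresholdError, ExpiredError) as e:
        return type(e).__name__

def walkthrough():
    now = datetime(2016, 10, 1, tzinfo=timezone.utc)
    fresh = targets_metadata("2017-01-01T00:00:00+00:00")
    stale = targets_metadata("2016-09-01T00:00:00+00:00")
    root_v1 = {keyid(KEY_A): KEY_A, keyid(KEY_B): KEY_B}   # targets role: 2 of {A, B}
    root_v2 = {keyid(KEY_A): KEY_A, keyid(KEY_C): KEY_C}   # B explicitly revoked, C added
    return {
        "A and B sign":            outcome(signed_by(fresh, KEY_A, KEY_B), root_v1, 2, now),
        "only A (one key stolen)": outcome(signed_by(fresh, KEY_A), root_v1, 2, now),
        "A signs twice":           outcome(signed_by(fresh, KEY_A, KEY_A), root_v1, 2, now),
        "A and B after root v2":   outcome(signed_by(fresh, KEY_A, KEY_B), root_v2, 2, now),
        "A and C after root v2":   outcome(signed_by(fresh, KEY_A, KEY_C), root_v2, 2, now),
        "A and B, expired":        outcome(signed_by(stale, KEY_A, KEY_B), root_v1, 2, now),
    }

if __name__ == "__main__":
    for case, result in walkthrough().items():
        print("%-25s -> %s" % (case, result))
```

The two revocation paths show up as two different rejections: after root v2 drops B, the A+B signatures fail the threshold even though both signatures are cryptographically valid (explicit revocation), while the stale file fails on its expiry date with no change to root at all (implicit revocation). Counting keyids rather than signatures is what stops a single stolen key from satisfying a two-of-two threshold by signing twice.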
  • 21. Versions of metadata
    Just as there are different versions of packages, so too are there different versions of the metadata that developers sign for them. Django's metadata at version 1:
    ● packages
      ○ django-1.7.1.tar.gz
        ■ hash: X
    ● version: 1
  • 22. Versions of metadata
    ...there are different versions of metadata corresponding to different versions of packages. Django's metadata at version 2:
    ● packages
      ○ django-1.8.tar.gz
        ■ hash: Y
      ○ django-1.7.1.tar.gz
        ■ hash: X
    ● version: 2
    The version number of a metadata file (e.g. 2) is independent of the version numbers of the packages it lists (e.g. 1.7.1, 1.8).
  • 23. Replay attack
    Metadata versions the client should see, versus what the attacker replays:
    package   current   replayed
    django    4         3
    bcrypt    5         2
    flask     2         1
    Replay! The client is served old and vulnerable packages.
  • 25. TUF: snapshot
    ● Adds a "snapshot" of all metadata/packages.
    Snapshot the client downloaded earlier (packages not installed, but metadata downloaded): django 4, bcrypt 5, flask 2.
    Snapshot served later (packages installed, but with obsolete metadata): django 4, bcrypt 2, flask 1 -> replay!
    Because the client remembers the versions from the last snapshot it accepted, the later snapshot is rejected even for packages it never installed.
  • 27. Version checking
    ● Compact "snapshot" of all metadata/packages: version numbers only, rather than a hash of every metadata file.
    Snapshot the client downloaded earlier (packages not installed, but version numbers downloaded): django 4, bcrypt 5, flask 2.
    Snapshot served later (packages installed, but with obsolete metadata): django 4, bcrypt 2, flask 1 -> replay, rejected.
  • 28. Is this as secure as hash checking?
    ● So what security attacks have we given up?
      ○ Not malware attacks, because package metadata is still signed with offline developer keys.
      ○ Not replay attacks, because snapshot metadata cannot specify older version numbers.
  • 29. Fast-forward attack
    An attacker holding a compromised signing key publishes a snapshot with inflated version numbers: django 4, bcrypt 5000, flask 2000. The client downloads these version numbers but installs nothing.
    The genuine metadata (django 4, bcrypt 5, flask 2) is then denied because of the version mismatch, so packages are not installed.
    Only a mild, denial-of-service attack.
  • 30. Okay, but is it as secure as hash checking? Yes!
    ● The fast-forward denial of service is roughly equivalent to an attacker dropping requests.
      ○ Addressed by resetting version numbers after the abused key is revoked.
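Slides 21 through 30 describe the snapshot version check in pictures. The following is an added example, not code from the slides or from the TUF reference implementation, of a client applying it: a new snapshot may not lower any version the client has already seen, every downloaded targets file must carry exactly the version the snapshot lists for it (which also defeats mix-and-match), and a rotation of the snapshot key in root clears the remembered versions so a fast-forward attack is recoverable. The version numbers follow the slides (django 4, bcrypt 5, flask 2); the `VersionCheckingClient` class, the package file name and the key names are constructed, and signature and expiry checks are assumed to have been done before `update` is called.

```python
class ReplayError(Exception):
    pass

class MismatchError(Exception):
    pass

class VersionCheckingClient:
    """Remembers the last accepted snapshot and refuses to move backwards.
    A snapshot is {"version": n, "meta": {role: version, ...}}. Signatures and
    expiry are assumed to have been checked already; this isolates the version
    logic the slides describe."""

    def __init__(self):
        self.trusted = None          # last accepted snapshot (None before the first update)
        self.snapshot_keyid = None   # keyid that root currently lists for the snapshot role

    def root_updated(self, snapshot_keyid):
        # When root rotates the snapshot key (e.g. after a fast-forward attack), the
        # client forgets the trusted snapshot so that honest, lower version numbers
        # become acceptable again. This mirrors the TUF client workflow's handling
        # of a changed snapshot key.
        if self.snapshot_keyid is not None and snapshot_keyid != self.snapshot_keyid:
            self.trusted = None
        self.snapshot_keyid = snapshot_keyid

    def update(self, snapshot, targets_files):
        """targets_files: {role: {"version": n, ...}}, the targets metadata downloaded
        after `snapshot`. Returns the roles whose metadata may now be used."""
        if self.trusted is not None:
            if snapshot["version"] < self.trusted["version"]:
                raise ReplayError("snapshot %d is older than trusted %d"
                                  % (snapshot["version"], self.trusted["version"]))
            for role, ver in self.trusted["meta"].items():
                new_ver = snapshot["meta"].get(role)
                if new_ver is None:
                    raise ReplayError("%s vanished from the snapshot" % role)
                if new_ver < ver:
                    raise ReplayError("%s version %d is older than trusted %d" % (role, new_ver, ver))
        for role, md in targets_files.items():
            expected = snapshot["meta"].get(role)
            if md["version"] != expected:
                # Also catches mix-and-match: a targets file taken from a different snapshot.
                raise MismatchError("%s is version %s, snapshot expects %s"
                                    % (role, md["version"], expected))
        self.trusted = snapshot
        return sorted(targets_files)

def attempt(client, snapshot, targets_files):
    try:
        client.update(snapshot, targets_files)
        return "accepted"
    except (ReplayError, MismatchError) as e:
        return type(e).__name__

def walkthrough():
    # Constructed metadata using the slides' numbers: django 4, bcrypt 5, flask 2.
    current   = {"version": 10, "meta": {"django": 4, "bcrypt": 5,    "flask": 2}}
    replayed  = {"version": 7,  "meta": {"django": 3, "bcrypt": 2,    "flask": 1}}
    forwarded = {"version": 11, "meta": {"django": 4, "bcrypt": 5000, "flask": 2000}}
    honest    = {"version": 12, "meta": {"django": 4, "bcrypt": 5,    "flask": 2}}
    real_bcrypt = {"bcrypt": {"version": 5,
                              "targets": {"bcrypt-3.1.0.tar.gz": {"hashes": {"sha256": "Z"}}}}}

    c = VersionCheckingClient()
    c.root_updated("snapshot-key-1")
    r = {}
    r["first snapshot"] = attempt(c, current, real_bcrypt)
    r["replayed snapshot"] = attempt(c, replayed, {})
    r["fast-forwarded snapshot"] = attempt(c, forwarded, {})            # nothing contradicts it yet
    r["real bcrypt under fast-forward"] = attempt(c, forwarded, real_bcrypt)
    r["honest snapshot after fast-forward"] = attempt(c, honest, real_bcrypt)
    c.root_updated("snapshot-key-2")                                    # root revokes the abused key
    r["honest snapshot after key rotation"] = attempt(c, honest, real_bcrypt)
    return r

if __name__ == "__main__":
    for case, result in walkthrough().items():
        print("%-36s -> %s" % (case, result))
```

The walkthrough reproduces the slides' argument: the replayed snapshot is refused outright; the fast-forwarded one is accepted because nothing the client holds contradicts it, after which both the genuine bcrypt metadata (version 5 against an expected 5000) and the next honest snapshot are refused, which is the denial of service the slides describe; only once root rotates the snapshot key does the client drop its inflated memory and accept the honest snapshot again.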
  • 31. Example setup for TUF
    1. Responsibility separation (roles).
    2. Multi-trust signatures (a.k.a. two-man rule).
      a. Some roles, such as root, may require multiple signatures from different keys.
    3. Explicit and implicit revocation of keys.
      a. Individual roles / keys time out.
    4. Minimizing risk (with offline keys).
    5. Further selective delegation from the targets role.
      a. Gives trust without sharing keys, etc.
    Diagram: root signs the keys for the timestamp, snapshot and targets roles; the timestamp and snapshot roles hold online keys and sign metadata; the targets role holds offline keys, signs for packages and delegates packages matching A.*, B.*, C.* and *.pkg to the delegated roles A1, A2, B and C, which sign for package files such as A.pkg, B.tar and C.gz.
  • 32. Multi-trust signatures
    ● Can require multiple signatures for a role
      ○ Some keys can be lost / compromised and things still work

```python
# Interactive session with the (legacy) TUF repository_tool API as shown on the
# slide. The import and the two private-key loading lines were missing from the
# slide and are added here; "keystore/root_key" and "keystore/root_key2" are
# assumed to hold the private halves of the .pub files the slide uses.
>>> from tuf.repository_tool import *
>>> repository = create_new_repository("repository/")
>>> public_root_key = import_rsa_publickey_from_file("keystore/root_key.pub")
>>> repository.root.add_verification_key(public_root_key)
>>> public_root_key2 = import_rsa_publickey_from_file("keystore/root_key2.pub")
>>> repository.root.add_verification_key(public_root_key2)
# Threshold of each role defaults to 1.
>>> repository.root.threshold
1
# Set the threshold, then load both private keys so the new root file can be signed.
>>> repository.root.threshold = 2
>>> private_root_key = import_rsa_privatekey_from_file("keystore/root_key")    # prompts for the passphrase
>>> private_root_key2 = import_rsa_privatekey_from_file("keystore/root_key2")
>>> repository.root.load_signing_key(private_root_key)
>>> repository.root.load_signing_key(private_root_key2)
>>> repository.writeall()
```
  • 33. Target (Project) Delegation in PyPI (PEP 480)
  • 34. Standardization process (TAPs)
    ● Lots of good suggestions for changes to TUF.
    ● Formal TUF Augmentation Proposal (TAP) process:
      ○ Discuss ideas; when "close", send a TAP.
      ○ We review closely.
      ○ Test implementation.
      ○ Approve.
      ○ (Read TAPs 1 and 2 for details.)
    https://github.com/theupdateframework/taps/blob/master/tap1.md
  • 35. Standardization process (TAPs cont...)
    ● TAP 3 -- multi-role signatures (Evan / Jake)
      ○ Alice AND Bob must both sign package A.
      ○ Lets one have "unequal" quorums.
    ● TAP 4 -- pinning repository keys (Evan / Jake)
      ○ The user can control the root of trust for parts of the namespace.
        ■ A root role compromise is no longer game over.
    ● TAP 5 -- specify URLs in root files
      ○ Makes it easy to change the repo location.
    ● TAP 6 -- version numbers in root metadata (David)
    ● TAP ? -- hash chaining of timestamp metadata (???)
      ○ Coming soon?
    https://github.com/theupdateframework/taps/blob/master/tap1.md
  • 36. Integrations of TUF (some on-going)
  • 37. Related effort: Uptane (securing automotive software updates)
  • 38. Uptane: Securely updating automobiles
    Work closely with vendors, OEMs, etc.
    ● Security reps from 79% of US cars
    ● Many top suppliers / vendors
    Account for deployment concerns
    ● Solutions are only useful if deployed
    ● Accommodate existing infrastructure, business relationships, etc.
    Standardize and harden
    ● Working toward SAE certification
    ● Professional security audit
    ● Free / open source, detailed tests /
  • 39. Uptane: Securely updating automobiles
    Diagram of the current design: an ECU holds the latest downloaded metadata, the latest downloaded encrypted image, the previous metadata, the ECU keys, and the bootloader.
  • 40. Uptane Timeline
    ● Current tasks:
      ○ High level spec (complete!)
      ○ Multi-group security analysis (complete!)
      ○ Detailed implementation specification (RFC-style) (complete?)
      ○ Reference implementation (in progress)
      ○ Compliance test cases (in progress)
      ○ Deployment recommendations document (in progress)
    ● Upcoming:
      ○ Technology demonstration (Oct 18)
      ○ Public security review
      ○ SAE standardization
  • 41. Future work: healthcare, infrastructure too
    Healthcare systems:
    ● Often antiquated OSes / systems
    ● Only certified in specific configurations
    ● Increasingly targeted
    Infrastructure:
    ● Often antiquated OSes / systems
    ● Reliability is the focus, not security
      ○ Remote access needed
    Security issues can have catastrophic impact!
  • 42. Related effort: Toto (securing the software supply chain)
  • 44. Toto
  • 45. Toto: Overview
    Project owner (decides what needs to be done) -> Layout
    Functionaries (perform steps, provide evidence) -> Link, Link, Link
    End user (verifies) -> Layout + Links + Final Product
  • 46. Toto: Overview
    Project owner: defines the steps that are required in this project's software supply chain (the layout), e.g.:
    ● Only Alice and Bob can commit to this VCS
    ● The build will be made using the company's Gradle buildserver
    ● The project will be added to a docker recipe by Carl
    ● ...
  • 47. Toto: Overview
    Functionaries: perform steps and provide evidence as link metadata, e.g.:
    ● Alice: I committed to the VCS
    ● Gradle buildserver: I compiled Alice's commit
    ● Carl: I pulled and made a docker image of all of this
  • 48. Toto: Overview
    End user: verifies the link metadata and the final product against the layout.
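Slides 45 through 48 describe the layout / link / verify split of Toto (since published as in-toto). The following is an added example, not code from the slides or from the project, and its layout and link structures are simplified stand-ins rather than the project's real metadata formats. It implements the end user's check: each step's link must be signed by a functionary the layout authorises for that step, the artifacts each step consumed must match what the preceding step produced, and the delivered product must be what the last step recorded. The keys, the `commit -> build -> package` layout, the artifact rules and the artifacts are constructed from the slides' story; HMAC-SHA256 stands in for the functionaries' public-key signatures (an assumption so the block runs on the standard library alone), and the final-product check stands in for in-toto's inspections.

```python
import fnmatch
import hashlib
import hmac
import json

# Assumption, not in-toto's real cryptography: HMAC-SHA256 stands in for the
# functionaries' public-key signatures so this runs on the standard library
# alone; a keyid is the SHA-256 fingerprint of the stand-in secret.
def keyid(key):
    return hashlib.sha256(key).hexdigest()

def sign(key, obj):
    return hmac.new(key, json.dumps(obj, sort_keys=True).encode(), "sha256").hexdigest()

def artifact_hash(data):
    return hashlib.sha256(data).hexdigest()

class LayoutViolation(Exception):
    pass

def make_link(step, key, materials, products):
    """A functionary's evidence for one step: hashes of what went in and what came out."""
    signed = {"step": step, "keyid": keyid(key),
              "materials": {p: artifact_hash(d) for p, d in materials.items()},
              "products": {p: artifact_hash(d) for p, d in products.items()}}
    return {"signed": signed, "sig": sign(key, signed)}

def apply_rules(rules, artifacts, links, label):
    """Simplified subset of in-toto artifact rules, applied in order; each rule consumes
    the artifacts its pattern matches. Rule shapes: ("MATCH", pattern, "PRODUCTS" or
    "MATERIALS", step), ("CREATE" or "ALLOW", pattern), ("DISALLOW", pattern)."""
    remaining = dict(artifacts)
    for rule in rules:
        matched = [p for p in remaining if fnmatch.fnmatch(p, rule[1])]
        if rule[0] == "MATCH":
            source = links.get(rule[3], {}).get("signed", {}).get(rule[2].lower(), {})
            for p in matched:
                if source.get(p) != remaining[p]:
                    raise LayoutViolation("%s: %s does not match the %s of step %s"
                                          % (label, p, rule[2].lower(), rule[3]))
        elif rule[0] == "DISALLOW" and matched:
            raise LayoutViolation("%s: %s not allowed by the layout" % (label, matched))
        for p in matched:
            remaining.pop(p)

def verify_supply_chain(layout, links, final_product):
    """End-user verification: each step's link is signed by a functionary the layout
    authorises for that step, and its materials and products obey the layout's rules."""
    for step in layout["steps"]:
        link = links.get(step["name"])
        if link is None:
            raise LayoutViolation("no link metadata for step " + step["name"])
        signed = link["signed"]
        key = layout["keys"].get(signed["keyid"])
        if signed["keyid"] not in step["pubkeys"] or key is None \
                or not hmac.compare_digest(sign(key, signed), link["sig"]):
            raise LayoutViolation(step["name"] + ": not signed by an authorised functionary")
        apply_rules(step["expected_materials"], signed["materials"], links, step["name"] + " materials")
        apply_rules(step["expected_products"], signed["products"], links, step["name"] + " products")
    # Stand-in for in-toto's inspections: the delivered artifact must be exactly
    # what the last step recorded as its product.
    last = links[layout["steps"][-1]["name"]]["signed"]["products"]
    for path, data in final_product.items():
        if last.get(path) != artifact_hash(data):
            raise LayoutViolation("final product %s is not what the last step produced" % path)
    return True

def outcome(layout, links, final_product):
    try:
        verify_supply_chain(layout, links, final_product)
        return "verified"
    except LayoutViolation as e:
        return "rejected: " + str(e)

def walkthrough():
    # Constructed keys, layout and artifacts following the slides' example chain.
    ALICE, GRADLE, CARL, MALLORY = b"alice-key", b"gradle-key", b"carl-key", b"mallory-key"
    layout = {"keys": {keyid(ALICE): ALICE, keyid(GRADLE): GRADLE, keyid(CARL): CARL}, "steps": [
        {"name": "commit", "pubkeys": [keyid(ALICE)], "expected_materials": [("DISALLOW", "*")],
         "expected_products": [("CREATE", "src/*"), ("DISALLOW", "*")]},
        {"name": "build", "pubkeys": [keyid(GRADLE)],
         "expected_materials": [("MATCH", "src/*", "PRODUCTS", "commit"), ("DISALLOW", "*")],
         "expected_products": [("CREATE", "app.jar"), ("DISALLOW", "*")]},
        {"name": "package", "pubkeys": [keyid(CARL)],
         "expected_materials": [("MATCH", "app.jar", "PRODUCTS", "build"), ("DISALLOW", "*")],
         "expected_products": [("CREATE", "image.tar"), ("DISALLOW", "*")]}]}
    src, jar, image = {"src/Main.java": b"class Main {}"}, {"app.jar": b"<jar>"}, {"image.tar": b"<image>"}
    honest = {"commit": make_link("commit", ALICE, {}, src),
              "build": make_link("build", GRADLE, src, jar),
              "package": make_link("package", CARL, jar, image)}
    swapped = dict(honest, build=make_link("build", GRADLE, {"src/Main.java": b"class Main { backdoor }"}, jar))
    mallory = dict(honest, commit=make_link("commit", MALLORY, {}, src))
    return {"honest chain": outcome(layout, honest, image),
            "build used source Alice never committed": outcome(layout, swapped, image),
            "commit link signed by Mallory": outcome(layout, mallory, image),
            "delivered image differs from Carl's": outcome(layout, honest, {"image.tar": b"<other>"})}

if __name__ == "__main__":
    for case, result in walkthrough().items():
        print("%-40s -> %s" % (case, result))
```

The three rejected cases are the three things the layout is meant to catch: a build step that consumed source nobody authorised committed (the MATCH rule between the build's materials and the commit's products fails), a step performed by a functionary the layout does not name for it (Mallory's keyid is not in the commit step's key set), and a delivered artifact that differs from what the last functionary actually produced.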
  • 49. Timeline
    ● Currently:
      ○ High level spec (release coming ~1 week)
      ○ Reference implementation ("complete" ~1-2 weeks)
    ● Upcoming:
      ○ Internal use (~2-3 weeks)
      ○ Compliance test cases (~3 weeks)
      ○ External beta testing (~1-2 months)
      ○ Broad public release (???)
  • 51. Conclusion
    ● Securing software distribution, etc. is hard
    ● Notary provides strong guarantees for Docker containers
    ● Use TAPs to get changes into TUF (let's discuss first)
    ● Let's work together!
      ○ https://github.com/theupdateframework/
      ○ https://github.com/uptane
      ○ https://github.com/toto-framework
  • 53. My background... (2003-2008)
    ● Built the first package manager designed specifically for OS VMs (Stork)
      ○ Deployed on the research infrastructure "PlanetLab"
        ■ Practical experience: thousands of VM instances over 8 years of use
      ○ Packages are cached in a special VM and shared
        ■ Disk, memory, and bandwidth savings
        ■ Additional security risks
    [USENIX ATC 2005], [LISA 2007]
  • 54. 2008: Attacks on Linux package managers
    ● By changing unsigned metadata, we can compromise users.
    ● No protection against:
      ○ Arbitrary package attacks
      ○ Extraneous dependencies
      ○ Replay attacks
      ○ Mix-and-match attacks
    "A Look in the Mirror: Attacks on Package Managers" (CCS 2008).
  • 55. Fixing Linux package managers
    ● Disclosed these security attacks via CERT (VU#230187).
    ● Major vendors have adopted our security architecture.
  • 57. 2009: Tor
    ● Tor: "We heard about your work. Can you help us fix our software updater?"
    ● Security is simple, right?
    ● How hard can this be anyway?
  • 58. Thandy (Tor)
    ● The Thandy software updater for Tor
      ○ A quorum of keys for the root of trust.
      ○ Signing by different compartmentalized key types.
      ○ Use online keys only to prevent freeze attacks and bound the trust window.
  • 59. Thandy (Tor)
    ● The Thandy software updater for Tor
      ○ A quorum of keys for the root of trust.
      ○ Signing by different compartmentalized key types.
      ○ Use online keys only to prevent freeze attacks and bound the trust window.
      ○ ...still not enough.
    ● Still found 8 security problems.
    ● Building your own secure software updater is not trivial.