October 4-6 in Berlin, Germany
Register Now for LinuxCon+ContainerCon Europe

Software Update Security: When the Going Gets Tough, Get TUF Going!- Riyaz Faizullabhoy & Lily Guo, Docker

Installing and updating software presents an interesting slate of security challenges. The Update Framework (TUF) helps developers secure new or existing software update systems. TUF provides protection against data tampering, rollbacks, and many cases of key compromise. This presentation will discuss both the attacks that TUF protects against and how it actually does so under the hood. Additionally, this presentation will demonstrate the usability aspects of TUF as it is currently implemented in Docker Notary and Docker Content Trust, in particular how simple it is to recover from key compromise and delegate trust to collaborators.

Speakers

Riyaz Faizullabhoy

Security Engineer, Docker, Inc

Riyaz is a security engineer at Docker, and previously researched systems security and malware detection at UC Berkeley. At Docker, he is currently focused on Notary: a content signing platform based on The Update Framework. Riyaz has previously spoken at LinuxCon North America, Docker... Read More →

When the going gets tough, get TUF going! Linuxcon EU pdf

Wednesday October 5, 2016 16:40 - 17:30 CEST
Tegel

Developer View all ContainerCon Sessions

Experience Level Intermediate

LinuxCon+ContainerCon Europe 2016

Riyaz Faizullabhoy

Attendees (28)

LinuxCon+ContainerCon Europe 2016

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Riyaz Faizullabhoy

Attendees (28)