LinuxSecuritySummit2011/Abstracts/Safford Integrity

From Linux Security Wiki (obsolete)
Revision as of 05:30, 15 June 2011 by JamesMorris (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search


An Overview of the Linux Integrity Subsystem: Use Cases and Demonstration


David Safford and Mimi Zohar, IBM


The first component of the Linux Integrity Subsystem, the Integrity Measurement Architecture (IMA), was introduced in kernel 2.6.30. Since then, additional components, including Trusted and Encrypted Keys, Ecryptfs patches for Encrypted Keys, IMA-Appraisal, Extended Verification Module (EVM), Digital Signatures for IMA-Appraisal and for EVM, and patches for Qemu to extend the model into KVM guests have been developed. One problem with all of the new components is understanding exactly what the overall subsystem is supposed to accomplish. What do all of these components do, not do, and why should I care?

This talk will concentrate on use cases for the overall architecture, including demonstrations of key capabilities.

Personal tools