LinuxSecuritySummit2011/Abstracts/Ware Meego
Title
MeeGo Security Update
Presenter
Ryan Ware, Intel
Abstract
The security of the MeeGo platform has evolved dramatically since MeeGo 1.0 was released. The original release was focused on the Netbook and used a wide open, single-user security model. Since that release, MeeGo has been focusing on many different verticals besides Netbook including Tablet, Handheld and In-Vehicle-Infotainment (IVI). The security framework put in place for MeeGo must be applicable to all the verticals with their disparate and sometimes conflicting security requirements. This is how we use access controls, integrity checks, isolation and other technologies to keep all our verticals secure. To accomplish these goals, MeeGo uses generally available Linux technologies (DAC, Smack, systemd, cgroups, Linux Containers, btrfs and IMA/EVM) in a unique way that allows a flexible security solution that can scale to all environments that MeeGo requires. People who attend can expect to get an overview of the MeeGo security architecture and how it compares with other Linux-based solutions.