August 22nd - 24th in Toronto, Canada
LinuxCon+ContainerCon North America 2016
Monday, August 22 • 4:20pm - 5:10pm
Extending Chains of Trust to Containers and the Cloud - Matthew Garrett, CoreOS

Trusted Computing provides the tools needed to ensure that Containers are only run on hardware that can prove its Trustworthiness. That's a solved problem. But what if we want the same sort of assurances about our Containers themselves? And what if we want to do this in the Cloud rather than on bare metal? Where do we go next?

This presentation will describe how we can extend the same Trusted Computing technologies we're using to validate the system boot process to also validate the launched Containers, and how this can be used to produce a cryptographically verifiable audit trail and prevent undesirable combinations of Containers. It will also discuss how these techniques can be adopted in Cloud environments without requiring the use of a virtual TPM, increasing Trust throughout the container ecosystem.


Matthew Garrett

Staff Security Developer, Google
Matthew Garrett is a security developer at Google, working on infrastructural security for Linux desktop and mobile platforms.

Monday August 22, 2016 4:20pm - 5:10pm EDT
Queen's Quay