August 22nd - 24th in Toronto, Canada
LinuxCon+ContainerCon North America 2016
Monday, August 22 • 4:20pm - 5:10pm
Extending Chains of Trust to Containers and the Cloud - Matthew Garrett, CoreOS


Trusted Computing provides the tools needed to ensure that Containers are only run on hardware that can prove its Trustworthiness. That's a solved problem. But what if we want the same sort of assurances about our Containers themselves? And what if we want to do this in the Cloud rather than on bare metal? Where do we go next?

This presentation will describe how we can extend the same Trusted Computing technologies we're using to validate the system boot process to also validate the launched Containers, and how this can be used to produce a cryptographically verifiable audit trail and prevent undesirable combinations of Containers. It will also discuss how these techniques can be adopted in Cloud environments without requiring the use of a virtual TPM, increasing Trust throughout the container ecosystem.


Matthew Garrett

Principal Security Developer, CoreOS
Matthew Garrett is a security developer at CoreOS, developing technologies to improve the security of containers and the systems that run them. He has a background in firmware integration, power management and fruitfly genetics and so has atypical ideas about system complexity and the ease of reverse engineering. He is a board member of the Free Software Foundation and a passionate defender of user freedoms.

Monday August 22, 2016 4:20pm - 5:10pm
Queen's Quay
