Dates
Conferences
Tags
Sort by:
Most recent
Conference: Global AppSec Dublin 2023
Authors: Moti Harmats
2023-02-16
tldr - powered by Generative AI
The speaker discusses the importance of monitoring server error logs for security vulnerabilities and shares their experience of discovering critical vulnerabilities through this method.
- Server error logs can contain indications of application vulnerabilities
- Creating detection rules and signatures for server error logs can help identify vulnerabilities
- Lessons learned from monitoring server error logs at scale and in distributed systems
- Automating security processes is crucial for large enterprises with limited security resources
Conference: Linux Security Summit Europe 2022
Authors: Zahra Tarkhani
2022-09-15
tldr - powered by Generative AI
The presentation discusses the challenges of secure partitioning and sharing hardware resources within complex system layers of heterogeneous SoC architectures and proposes a hardware-assisted dynamic partitioning framework for Linux- and TEE-based architectures.
- Heterogeneous SoC architectures are becoming more popular for complex IoT and edge devices
- Multiple CPUs and peripherals require secure partitioning and sharing of hardware resources
- Static hardware partitioning at boot time cannot satisfy most use cases' security, performance, or compatibility requirements
- Hardware-assisted dynamic partitioning framework is proposed for Linux- and TEE-based architectures
- Framework modifies the Linux kernel, trusted firmware, and TEE kernel to achieve fine-grained privilege separation
- Hardware features such as mdac, pack, and mrcs enable hierarchical access control policies for logical separation of secure world from normal world
- Multiple trusted execution environments and enclaves can be combined to provide strong security features for different use cases