Bootstrap and maintain trust in the cloud with Keylime - Maya Costantini, Anderson Sasaki скачать в хорошем качестве

Bootstrap and maintain trust in the cloud with Keylime - Maya Costantini, Anderson Sasaki

Trusted Platform Modules (TPMs) are compact, cost-effective chips designed to execute a specific array of security operations. Acting as a Root of Trust, they establish a foundation of trust, pivotal for extending trust across diverse system components. TPMs enable remote machine identification or authentication, safeguarding secrets through hardware-based protection, and furnishing tangible proof of a machine's condition, known as attestation. However, deploying remote attestation and managing TPMs is not always an easy task for developers. Keylime (https://keylime.dev/) is a CNCF project that provides a framework that can be used for attestation of machines in the cluster where it is deployed. In this talk, you will learn how to use Keylime for easily establishing cryptographic trust for the system boot, runtime and create your own customized actions that will trigger when a machine fails its attested measurements.