Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
Don’t miss the Linux Security Summit, be sure to register now! 
View analytic
Friday, August 26 • 15:45 - 16:30
Integrity Protection and Access Control - Who Do You Trust? - Glenn Wurster, BlackBerry

Sign up or log in to save this to your schedule and see who's attending!

Without file-system and boot integrity for all storage, on-line access control against a physical attacker is a masquerade. Using an off-line attack, an attacker can change the permissions, contents, and even the SELinux label of a file not integrity protected. What does SELinux do if it can't trust its labels? One solution is to encrypt all file-systems using hardware backed keys. In this talk I will start by talking about a LSM created for the BlackBerry Priv that ties running with elevated privileges (including SEAndroid domains) to integrity protection. The approach is designed to limit the risk of a system service executing a binary on the user data partition with elevated privileges. After talking about the specific LSM developed, I will expand the focus to the general intersection between integrity protection and access control.

Speakers
avatar for Glenn Wurster

Glenn Wurster

Principal Security Researcher, BlackBerry
Glenn Wurster is currently a Principal Security Researcher with BlackBerry. He has presented at conferences including Usenix Enigma, ACM CCS, Usenix HotSec, and IEEE S&P. He co-chaired ACM SPSM in 2015 and is on the program committee for Usenix WOOT and ACM SPSM in 2016. He is currently involved in operating system security for both Linux (as a result of his ongoing work with the Android based BlackBerry Priv smartphone) and QNX (as a result of... Read More →


Friday August 26, 2016 15:45 - 16:30
Harbour C

Attendees (11)