Security in Zephyr and Fuchsia - Stephen Smalley & James Carter, National Security Agency
ฝัง
- เผยแพร่เมื่อ 16 ก.ย. 2024
- Security in Zephyr and Fuchsia - Stephen Smalley & James Carter, National Security Agency
Zephyr and Fuchsia are two emerging open source operating systems with very different architectures and approaches to security compared to each other and to Linux. Zephyr is a real-time operating system (RTOS) targeting Internet of Things (IoT) devices that are too resource-constrained to run Linux. Fuchsia is a capability-based microkernel operating system targeting more capable devices and computers. In this talk, we present the architecture and security mechanisms of these two operating systems, discuss ongoing work by ourselves and others to further advance their security, and compare their security features to those of Linux and Linux-based systems such as Android.
About James Carter
James Carter is a computer security researcher in the Information Assurance Research group of the National Security Agency (NSA). He presently is working to improve Security-Enhanced Linux (SELinux) policy development through tools and policy language improvements and serves as one of the userspace maintainers for SELinux.
Previously, Mr. Carter led the development of the Common Intermediate Language (CIL) compiler and userspace for SELinux and he assisted in the early work on Security Enhancements for Android (SE for Android).
Mr. Carter’s prior public speaking engagements have included the Linux Plumbers Conference, the SELinux Developers Summit, and the SELinux Symposium.
About Stephen Smalley
Stephen Smalley is a computer security researcher in the Information Assurance Research organization of the US National Security Agency (NSA). He presently leads the NSA's Security Enhancements (SE) for the Internet of Things (IoT) project, which is investigating and and advancing the security of IoT operating systems, as well as continuing to serve as one of the kernel and userspace maintainers for SELinux. Previously, Mr. Smalley led the development and successful technology transfer of Security Enhancements for Android (SE for Android) and Security-Enhanced Linux (SELinux) to mainline Android and Linux respectively.
Mr. Smalley's prior public speaking engagements have included the OpenXT Summit, the Linux Security Summit, LinuxCon North America, the Network and Distributed System Security (NDSS) Symposium, and the Android Builders Summit among others.
