New Solaris Security Presentation for TechDays 2009

I just finished putting together the presentation that will be given at the 2009 Sun Technology Developer Days, short TechDays, events across the globe. I'll be giving the presentation in a few weeks in São Paulo, Brazil, others will deliver it in Cities such as Seoul, Beijing, and London. If you've never been to TechDays, check out the web site - these (usually free) events are a great opportunity to learn the latest and hottest Sun technologies.  You can download the slides in PDF as well as their OpenOffice source format ODP. The latter version includes extensive sets of notes that help to understand the slides. The presentation includes a lot of code and administration examples.

If you want to learn about (Open)Solaris RBAC, Privileges, the Cryptographic Framework, as well as a number of ongoing OpenSolaris security projects, this presentation is for you!

Abstract

OpenSolaris contains a number of security features available to developers and system integraters that truly distinguish it from other operating systems. This talk contains two parts. The main part presents important problem areas and teaches how the OpenSolaris security technologies solve these problems. The second, much shorter part, presents current, ongoing opensource OpenSolaris security projects to attract new community members and to capture the imagination of students looking for research and development opportunities in the field of computer and network security. While the contents of this second part are expected to change over time, current projects to highlight would be, e.g, FMAC (Flexible Mandatory Access Control in the context of Solaris Trusted Extensions), FGAP (Fine-Grained Access Policy), Crypto ZFS, Validated Execution, and Data Tethers.

OpenSolaris provides two alternatives to the traditional, all-or-nothing superuser-based UNIX authorization model: privileges and RBAC (Role-based Access Control.) With the former, OpenSolaris separates traditional superuser powers across a number of individual privileges for fine-grained control over the actions of processes. This technology is used to implement software according to the principle of least privilege, enabling applications to be protected from each other and to provide software fault isolation. RBAC is a mechanism designed to selectively grant privileges to users or roles based upon their unique needs and requirements.  This talk presents how to write/modify, debug, configure, and deploy privilege-aware and RBAC-aware applications and server software.

Secondly, the Solaris cryptographic and key management frameworks transparently make software and hardware crypto providers available to application programs and kernel software alike. Cryptographic protections and certificate management are integral parts to writing applications that need to communicate securely, a very common use case. This talk will explain the capabilities of these frameworks. It presents just how simple it is to transparently take advantage of hardware-based crypto acceleration (e.g., from the Niagara T2 chip sets) even from Java applications that utilize the Java Cryptographic Extensions.

Comments:

Hello

Sounds nice your future presentation, actually I'm doing an ABC talk related with OpenSolaris security using the same topics.

I realiced the PDF and ODT links are broken, can you please upload again the files?

Thanks

Posted by Jeffrey Steve Borbón Sanabria on September 17, 2008 at 08:14 AM PDT #

My apologies for the broken links - it should work now.
-Christoph

Posted by Christoph Schuba on September 17, 2008 at 08:23 AM PDT #

Hello Mr. Schuba!

Your presentation was very good and help me a lot in order to understand the whole idea about virtualization.

Thanks, and keep the good work ;)

Greetings from Brazil

Posted by Thiago Melo de Paula on September 30, 2008 at 10:33 AM PDT #

Thanks, Thiago! And I had a great time in your country, especially interacting with everyone at the Sun Tech Days event.
Cheers,
-Christoph

Posted by Christoph Schuba on October 06, 2008 at 09:17 AM PDT #

Post a Comment:
  • HTML Syntax: NOT allowed
About

user9159837

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today