Thursday Jan 07, 2010

Securing Cloud-based Services with OpenSolaris Security Features

Securing Cloud-based Services with OpenSolaris Security FeaturesThe 25th Annual Computer Security Applications Conference (ACSAC) was held in Honolulu, HI from Dec. 7-11, 2009. As many of you know I have been contributing for many years in various different organizing functions for the conference. As proceedings chair in 2009 I was responsible for producing the paper proceedings jointly with the IEEE CPS.

In addition, I gave a presentation ACSAC's Cloud Security Workshop on Dec. 8, 2009, entitled Securing Cloud-based Services with OpenSolaris Security Features.  You can download the presentation in pdf format. The talk basically explored to what extent you can lock down a Solaris-based golden image you may want to host in a cloud environment.[Read More]

Friday Oct 09, 2009

(Open)Solaris Security Summit - Nov. 3, 2009 - Co-located with Usenix LISA

(Open)Solaris Security SummitI am co-organizing the (Open)Solaris Security Summit, a free, one day event on November 3, 2009 co-located with the Usenix LISA 2009 conference in the Baltimore Marriott Waterfront, Baltimore, MD.  It is an all-day event and free to attend (Register Here). We have a very exciting program lined up with Bill Cheswick from AT&T as our keynote speaker, followed by technical talks on various Solaris security technologies, such as Solaris Trusted Extensions, Encrypted Storage, and a case study how to really lock down networked services with the wealth of Solaris security mechanisms.

[Read More]

Wednesday Jul 22, 2009

OpenSolaris Security BoF on 23 July 2009 8PM at OSCON, San Jose, CA.

OSCON 2009 July 23, San Jose, CA

OSOSOS - Offering Security in OpenSource Operating Systems

Location: San Jose Convention Center. Ballroom A3/A6
Date/Time: Thu. July 23, 2009 - 8pm

Moderated by: Christoph Schuba

Many operating system security mechanisms are necessary for developers to build secure software. While this session presents a few such mechanisms available and under development in OpenSolaris, it primarily seeks the dialogue and discussion how important these features are and how they compare to those of other OSes.

Speakers will do short talks on the Cryptographic Framework (Valerie Fenwick), Priveleges (Scott Rotondo) and Zones/TX (Glenn Faden), followed by a panel from all presenters, plus Christoph Schuba and Glenn Barry (Kerberos Guru).

BoFs are free, you just need to register for the expo pass (also free!) On-site registration is also possible, should you decide last minute to join us!

Thursday Dec 11, 2008

New Sun BluePrint entitled Security Advantages of the Solaris Zones Software

Security Advantages of the Solaris Zones SoftwareCheck out my new Sun Blueprint (pdf) entitled Security Advantages of the Solaris Zones Software. It provides a hands-on introduction to the Solaris Zones architecture and discusses in details some of the security advantages of OS virtualization in the context of Solaris zones.

Schuba, Christoph. Security Advantages of the Solaris Zones Software. Sun BluePrints Online, Part No 820-7136-10. December 2008.

[Read More]

Friday Oct 31, 2008

Scripting technology demonstrations in (Open)Solaris - V.2

This blog entry represents an update to my earlier blog on "Scripting technology demonstrations in (Open)Solaris". I created this entry, because I rewrote the software to include new functionality and to no longer require a C compiler. Everything's in Perl now. Some of the text below is duplicated from my original blog entry, but I figured it's easier on readers to find all information in a single blog entry rather than having to jump back and forth. For the impatient readers, here's what's new:

  • Ease of portability: demotools are now completely written in Perl - no more C programs that require compilation
  • The demo tools routines are a Perl module now, easily integrated into your program

[Read More]

Thursday Oct 09, 2008

Scripting technology demonstrations in (Open)Solaris

Several folks have asked me to post the demo scripts and tools I use when presenting (Open)Solaris talks that contain live demonstrations. Initially I hesitated, primarily because these scripts and tools are embarassingly simple. Yet, because I was asked by several of folks, I decided to post them here. If you make improvements to these tools or scripts, please send me the code as I am planning on continuing to use (and document improvements of) this approach until I find something better.[Read More]

Wednesday Sep 24, 2008

New Virtualization Presentation for TechDays 2009

And I am involved with another presentation that will be given at the 2009 Sun Technology Developer Days, short TechDays, events across the globe. Nicolas Droux and I co-authored it, borrowing heavily from older presentations. It is entitled "Virtualization from the Desktop to the Enterprise". I will be delivering this talk in São Paulo, Brazil next week, back to back with the "Developing and Deploying Securely" presentation. (Read more about that presentation in my blog entry New Solaris Security Presentation for TechDays 2009.)

[Read More]

Wednesday Sep 17, 2008

New Solaris Security Presentation for TechDays 2009

I just finished putting together the presentation that will be given at the 2009 Sun Technology Developer Days, short TechDays, events across the globe. I'll be giving the presentation in a few weeks in São Paulo, Brazil, others will deliver it in Cities such as Seoul, Beijing, and London. If you've never been to TechDays, check out the web site - these (usually free) events are a great opportunity to learn the latest and hottest Sun technologies.  You can download the slides in PDF as well as their OpenOffice source format ODP. The latter version includes extensive sets of notes that help to understand the slides. The presentation includes a lot of code and administration examples.

If you want to learn about (Open)Solaris RBAC, Privileges, the Cryptographic Framework, as well as a number of ongoing OpenSolaris security projects, this presentation is for you!

[Read More]



« September 2016