Extending Non-Repudiable Logs with eBPF
Offered By: Linux Plumbers Conference via YouTube
Course Description
Overview
Explore how eBPF can enhance non-repudiable logging in the Linux kernel to improve system integrity attestation. Learn about an extensible interface that allows user-defined programs to leverage TPM-based non-repudiable logging for any kernel data accessible to eBPF programs. Discover how this approach enables more granular system integrity verification through the wide variety of eBPF hook locations. Examine a practical application of this technique in measuring and storing container image digests to verify and attest container integrity. Gain insights into the exciting future of eBPF in security and trust, and its potential for various use cases.
Syllabus
Extending Non-Repudiable Logs with eBPF - Avery Blanchard, George Almasi
Taught by
Linux Plumbers Conference
Related Courses
Analyzing Postgres Performance Problems Using Perf and eBPFMicrosoft via YouTube Citus Con - An Event for Postgres - Americas Livestream
Microsoft via YouTube EBPF - The Next Power Tool of SREs
USENIX via YouTube Kernel Tracing With EBPF
media.ccc.de via YouTube Building Observability for 99% Developers
Docker via YouTube