Securing Content Distribution with The Update Framework - TUF
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore the critical aspects of securing content distribution using The Update Framework (TUF) in this informative conference talk. Delve into the basic architecture of TUF and discover how it protects against various real-world attacks on content distribution infrastructure. Learn about the framework's core principles, including prevention, detection, and risk mitigation of successful attacks. Gain insights into TUF's widespread adoption both within and outside the cloud ecosystem, including its use in CNAB, AWS Labs BottleRocket OS, and Datadog. Understand ongoing integrations with Python Package Index (PyPI), Drupal, TYPO3, and Joomla. Examine the hierarchical trust delegation tree and diagram, and explore content protection strategies and methods for reducing key loss. Engage in a deep dive discussion on current technical issues and augmentation proposals for this security-focused CNCF graduate project.
Syllabus
Intro
Agenda
Content Distribution
Software Supply Chain
Attacker Target
Software Updates
SSLTLS
dependency substitution attacks
What can TUF do
Content protection
Reducing key loss
Hierarchical trust delegation tree
Hierarchical trust delegation diagram
Summary
TUF Overview
TUF Specification
augmentation proposals
reference implementation
other implementations
integrations
outro
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Building Geospatial Apps on Postgres, PostGIS, & Citus at Large ScaleMicrosoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube