YoVDO

Using Hardware Security Modules to Protect Block Devices

Offered By: Linux Foundation via YouTube

Tags

Data Protection Courses Encryption Courses Linux File System Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the critical aspects of data protection using Hardware Security Modules (HSMs) in this comprehensive conference talk by Reinhard Buendgen from IBM. Delve into various attack points for data-at-rest and learn effective strategies for safeguarding against offline attacks. Examine the concept of end-to-end data encryption and understand the Linux File System Stack with dm-crypt. Address the challenge of protecting encryption keys and discover methods for generating protected keys. Gain insights into kernel support for protected keys through the pkey and PAES modules. Learn about dm-crypt volume management with secure keys and the process of HSM Master Key change. Investigate the application of HSM master keys for dm-crypt volume keys and explore ideas for extending zkey functionality. This talk provides valuable knowledge for IT professionals and security experts looking to enhance their understanding of block device protection using HSMs.

Syllabus

Intro
Attack points to data-at-rest
Protecting data against offline attacks
End-to-end data encryption
Linux File System Stack with dm-crypt
Protecting Encryption Keys: Catch 22?
How to Generate Protected Keys
Kernel support for protected keys: the pkey module
Kernel support for protected keys: the PAES module
Dm-crypt volume management with secure keys
HSM Master Key Change
HSM master key for dm-crypt volume keys
Extending the PAES trick to further functions
Ideas for extending zkey


Taught by

Linux Foundation

Tags

Related Courses

Linux Command Line basics to Advance
Udemy
أنت وأنظمة التشغيل: كيف تصبح مستخدمًا محترفًا
Google via Coursera
Getting Started with the Linux Command Line
Pluralsight
Terminal Linux
Udemy
Vagrant Essentials : Learn DevOps Using Vagrant
Udemy