Difference between revisions of "AFSecurity Seminar"

From mn/ifi/AFSecurity
Jump to: navigation, search
 
(383 intermediate revisions by the same user not shown)
Line 1: Line 1:
== ''FutureID'' ==
+
== ''Confidential Computing'' ==
  
Date: 17 September 2014.
+
{| border="0" cellpadding="1" cellspacing="1" width="100%"
 +
|-
 +
| '''TIME:'''&nbsp; Friday 1 December 2023, 14:00h<br />'''PLACE:'''&nbsp;  Auditorium Smalltalk, 1st floor, IFI, UiO, Ole Johan Dahls hus, Gaustadalleen 23b, Oslo. [https://kart.finn.no/?lng=10.71782&lat=59.94342&zoom=17&mapType=normap&markers=10.71782,59.94342,r,Gaustadall%C3%A9en+23B See map].<br />
 +
All interested are welcome. Coffee and snaks served.<br />
 +
<br />'''AGENDA:'''<br />
 +
14:00h Welcome to AFSecurity at UiO <br />
 +
14:15h Invited talk<br />
 +
* TITLE: ''Confidential Computing'' &nbsp;
 +
* SPEAKER: Ijlal Loutfi, Canonical 
 +
| <center>[[File:photo-Ijlal-Loutfi.png|90px|link=https://www.linkedin.com/in/ijlal-loutfi-785125234/]]</center>
 +
| <center>[[File:logo-Canonical.png|320px|link=https://canonical.com/]]</center>
 +
|}
 +
* ABSTRACT:<br />Protecting data in-use has long been a challenging open problem in computer science. While being computed on in cleartext in system memory, your data stored in RAM is exposed to the millions lines of code that make up the underlying platform’s privileged system software. By design, a malicious firmware, or compromised operating system can easily leak your data, or compromise its integrity.<br /><br />Confidential computing is a privacy-enhancing system security primitive which addresses this challenge head-on, by running your security-sensitive processes in isolated execution environments whose security guarantees can be remotely attested. Its recent generations, such as Intel SGX, Intel TDX and AMD SEV SNP, make use of newer CPU hardware and architectural extensions, such as the AES-128 hardware encryption engine which encrypts RAM memory pages in real-time. Hardware with these capabilities is already available in the market, and public cloud providers have been one of its early adopters.<br /><br />In this presentation, we first visit the history of confidential computing, then study the technical system primitives which allow us to implement both isolation and attestation. We also explore the different silicon implementations of confidential computing, where they are deployed today, and for which uses cases.
  
Location: Kristen Nygaards sal&nbsp;(room 5370), Ole-Johan Dahls hus (IfI).
+
<br />15:00h Discussion<br />
  
'''Agenda'''
+
'''BIO:''' &nbsp; Dr. Ijlal Loutfi is the product lead for Ubuntu Security at Canonical. She has a PhD in cyber security from the University of Oslo, where she worked on Trusted Execution Environments and Identity Management.
  
10:00h Welcome at IfI
+
 
 +
<br /><br />
  
10:15h Invited talk
+
{| border="0" cellpadding="1" cellspacing="1" width="90%"
 
+
|-
'''SPEAKER:''' Dr. Bud Peter Bruegger (Fraunhofer Institute)
+
| [[File:AFSecurity-small.png|250px]]
 
+
| AF''Security'' is organised by UiO [https://www.mn.uio.no/ifi/forskning/grupper/sec/ Digital Security].
'''TITLE:''' ''The FutureID approach to interoperable, cross-border digital identity''
+
| [[File:logo-uio-english-2022.png|250px|link=https://www.mn.uio.no/]]
 
+
| [[File:Sec-light-360.png|150px|link=https://www.mn.uio.no/ifi/english/research/groups/sec/]]
'''ABSTRACT:''' The FutureID project builds a comprehensive, flexible, privacy-aware and ubiquitously usable identity management infrastructure for Europe, which integrates existing eID technology and trust infrastructures, emerging federated identity management services and modern credential technologies to provide a user-centric system for the trustworthy and accountable management of identity claims.
+
|}
 
 
The FutureID infrastructure will provide great benefits to all stakeholders involved in the eID value chain. Users will benefit from the availability of a ubiquitously usable open source eID client that is capable of running on arbitrary desktop PCs, tablets and modern smart phones. FutureID will allow application and service providers to easily integrate their existing services with the FutureID infrastructure, providing them with the benefits from the strong security offered by eIDs without requiring them to make substantial investments. This will enable service providers to offer this technology to users as an alternative to username/password based systems, providing them with a choice for a more trustworthy, usable and innovative technology.
 
 
 
The benefits of the FutureID platform for both users and service providers are substantial. By implementing an intermediary for trusted e-ID services, cross-border e-ID applications become both economic and efficient by providing simple processes and a critical mass of reachable users.
 
 
 
For existing and emerging trust service providers and card issuers FutureID will provide an integrative framework, which eases using their authentication and signature related products across Europe and beyond. To demonstrate the applicability of the developed technologies and the feasibility of the overall approach FutureID will develop two pilot applications and is open for additional application services who want to use the innovative FutureID technology.
 
 
 
'''SPEAKER BIO: '''
 
 
 
Dr. Bud Peter Bruegger is Senior Scientist at Fraunhofer IAO, Germany, and Technical Coordinator for the FutureID project.
 
 
 
Dr. Bruegger holds a Dipl.Ing. degree from the Swiss Federal Institute of Technology and a PhD from the University of Maine. His career spans work in five countries and three languages, both in research and as a consultant. He has a long-standing experience in identity management and IT security, including very active participation in the Italian eID Pilot program, pioneering eID interoperability in Europe, and consulting on identity management and security for several large projects. Bud is a long-standing member of the Porvoo Group and organizer of Porvoo 12, acted as European chair for the Global Collaboration Forum on eIDs, and represented the Italian Ministry of the Interior in the Government Security Program with Microsoft. Currently, Bud holds the position of Senior Scientist in the Identity Management group at Fraunhofer IAO where he was lead author of the architecture of the EC-funded FutureID project. Bud is the author of a large number of publications and presentations and has been an invited expert and speaker for several EC events on identity.
 
 
 
<br/>11:00h Discussion
 

Latest revision as of 15:30, 14 November 2023

Confidential Computing

TIME:  Friday 1 December 2023, 14:00h
PLACE:  Auditorium Smalltalk, 1st floor, IFI, UiO, Ole Johan Dahls hus, Gaustadalleen 23b, Oslo. See map.

All interested are welcome. Coffee and snaks served.

AGENDA:
14:00h Welcome to AFSecurity at UiO
14:15h Invited talk

  • TITLE: Confidential Computing  
  • SPEAKER: Ijlal Loutfi, Canonical
Photo-Ijlal-Loutfi.png
Logo-Canonical.png
  • ABSTRACT:
    Protecting data in-use has long been a challenging open problem in computer science. While being computed on in cleartext in system memory, your data stored in RAM is exposed to the millions lines of code that make up the underlying platform’s privileged system software. By design, a malicious firmware, or compromised operating system can easily leak your data, or compromise its integrity.

    Confidential computing is a privacy-enhancing system security primitive which addresses this challenge head-on, by running your security-sensitive processes in isolated execution environments whose security guarantees can be remotely attested. Its recent generations, such as Intel SGX, Intel TDX and AMD SEV SNP, make use of newer CPU hardware and architectural extensions, such as the AES-128 hardware encryption engine which encrypts RAM memory pages in real-time. Hardware with these capabilities is already available in the market, and public cloud providers have been one of its early adopters.

    In this presentation, we first visit the history of confidential computing, then study the technical system primitives which allow us to implement both isolation and attestation. We also explore the different silicon implementations of confidential computing, where they are deployed today, and for which uses cases.


15:00h Discussion

BIO:   Dr. Ijlal Loutfi is the product lead for Ubuntu Security at Canonical. She has a PhD in cyber security from the University of Oslo, where she worked on Trusted Execution Environments and Identity Management.




AFSecurity-small.png AFSecurity is organised by UiO Digital Security. Logo-uio-english-2022.png Sec-light-360.png
Retrieved from "https://wiki.uio.no/mn/ifi/AFSecurity/index.php?title=AFSecurity_Seminar&oldid=1805"