[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Publicity] FOSDEM abstract



I've submitted the following submission as a FOSDEM main track talk. Submission deadline is tomorrow, so let me know if you have any suggestions for changes.

 -George

* Surviving the Zombie Apocalypse: Containers, KVM, Xen, and Security

Abstract

In our interconnected world of mobile and cloud computing, particularly with the rise of governmental spying, corporate espionage, and theft of data by organized crime syndicates, security is more important than ever. Many claims are being made about the security of open-source cloud technologies: How can administrators, users, and developers separate fact from fiction?

This talk will equip the audience with the principles needed to evaluate security claims. We will talk the nature of risk, of vulnerabilities and exploits; the various factors that reduce the risk of vulnerabilities in software; and about TCB, threat models, and defense-in-depth. And we will introduce a colorful and (hopefully) helpful analogy to help make these concepts more clear.

We will then apply these principles to three open-source cloud technologies: containers, KVM, and Xen, to see how they stack up. These will be backed up with numbers: lines of code, security advisories, entry points, and so on.


On 09/25/2014 05:53 PM, George Dunlap wrote:
So below is the abstract I submitted to LinuxCon. Is it OK to submit it mostly as-is to FOSDEM, or do I need to change it sufficiently to look like a different talk?

It almost certainly *will* be a different talk, with more time to prepare, different audience, different time frame, &c... just the basic idea will be the same.

 -George

Security in the Cloud: Containers, KVM, and Xen

Abstract

In our interconnected world of mobile and cloud computing, particularly with the rise of governmental spying, corporate espionage, and theft of data by organized crime syndicates, security is more important than ever. Many claims are being made about the security of open-source cloud technologies: How can administrators, users, and developers separate fact from fiction?

This talk will equip the audience with the principles needed to evaluate security claims. We will talk the nature of risk, of vulnerabilities and exploits; the various factors that reduce the risk of vulnerabilities in software; and about TCB, threat models, and defense-in-depth.

We will then apply these principles to three open-source cloud technologies: containers, KVM, and Xen, to see how they stack up. These will be backed up with numbers: lines of code, security advisories, entry points, and so on.


_______________________________________________
Publicity mailing list
Publicity@xxxxxxxxxxxxxxxxxxxx
http://lists.xenproject.org/cgi-bin/mailman/listinfo/publicity


_______________________________________________
Publicity mailing list
Publicity@xxxxxxxxxxxxxxxxxxxx
http://lists.xenproject.org/cgi-bin/mailman/listinfo/publicity


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.