[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Publicity] FOSDEM abstract

To: <publicity@xxxxxxxxxxxxxxxxxxxx>, Lars Kurth <lars.kurth@xxxxxxxxxx>, Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>, Ian Campbell <ian.campbell@xxxxxxxxxx>
From: George Dunlap <george.dunlap@xxxxxxxxxxxxx>
Date: Tue, 30 Sep 2014 14:41:28 +0100
Delivery-date: Tue, 30 Sep 2014 13:42:12 +0000
List-id: "List for Xen Publicity, PR and events" <publicity.lists.xenproject.org>

I've submitted the following submission as a FOSDEM main track talk.Submission deadline is tomorrow, so let me know if you have anysuggestions for changes.

 -George

* Surviving the Zombie Apocalypse: Containers, KVM, Xen, and Security

Abstract

In our interconnected world of mobile and cloud computing, particularlywith the rise of governmental spying, corporate espionage, and theft ofdata by organized crime syndicates, security is more important thanever. Many claims are being made about the security of open-sourcecloud technologies: How can administrators, users, and developersseparate fact from fiction?

This talk will equip the audience with the principles needed to evaluatesecurity claims. We will talk the nature of risk, of vulnerabilitiesand exploits; the various factors that reduce the risk ofvulnerabilities in software; and about TCB, threat models, anddefense-in-depth. And we will introduce a colorful and (hopefully)helpful analogy to help make these concepts more clear.

We will then apply these principles to three open-source cloudtechnologies: containers, KVM, and Xen, to see how they stack up. Thesewill be backed up with numbers: lines of code, security advisories,entry points, and so on.


On 09/25/2014 05:53 PM, George Dunlap wrote:

So below is the abstract I submitted to LinuxCon. Is it OK to submitit mostly as-is to FOSDEM, or do I need to change it sufficiently tolook like a different talk?
It almost certainly *will* be a different talk, with more time toprepare, different audience, different time frame, &c... just thebasic idea will be the same.
 -George

Security in the Cloud: Containers, KVM, and Xen

Abstract
In our interconnected world of mobile and cloud computing,particularly with the rise of governmental spying, corporateespionage, and theft of data by organized crime syndicates, securityis more important than ever. Many claims are being made about thesecurity of open-source cloud technologies: How can administrators,users, and developers separate fact from fiction?
This talk will equip the audience with the principles needed toevaluate security claims. We will talk the nature of risk, ofvulnerabilities and exploits; the various factors that reduce the riskof vulnerabilities in software; and about TCB, threat models, anddefense-in-depth.
We will then apply these principles to three open-source cloudtechnologies: containers, KVM, and Xen, to see how they stack up.These will be backed up with numbers: lines of code, securityadvisories, entry points, and so on.
_______________________________________________
Publicity mailing list
Publicity@xxxxxxxxxxxxxxxxxxxx
http://lists.xenproject.org/cgi-bin/mailman/listinfo/publicity


_______________________________________________
Publicity mailing list
Publicity@xxxxxxxxxxxxxxxxxxxx
http://lists.xenproject.org/cgi-bin/mailman/listinfo/publicity

References:
- [Publicity] FOSDEM abstract
  - From: George Dunlap

Prev by Date: [Publicity] FOSDEM abstract
Next by Date: [Publicity] FOSDEM talk on CentOS SIGs
Previous by thread: [Publicity] FOSDEM abstract
Next by thread: [Publicity] FOSDEM talk on CentOS SIGs
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.