Explore the challenges and solutions of implementing integrity measurement systems in embedded devices through this informative conference talk. Delve into the world of offline attacks and learn how security-enhanced Android devices have overcome performance and reliability issues. Discover the changes made to the Linux integrity subsystem that have resulted in seamless operation without inconveniencing end users. Gain insights into the architecture, policies, and support systems necessary for effective integrity measurements, including TPM, MMM, and application installation support. Understand the considerations for factory reset and recovery mode in the context of maintaining system integrity. This presentation covers key topics such as initialization, performance considerations, and the potential for future improvements in integrity measurement systems.
Overview
Syllabus
Introduction
Background
Use Cases
What do we need
Initializer
TPM
Policies
Measurement Support
Architecture
Measurements
MMM
Performance Considerations
Application Installation Support
Factory Reset Support
Recovery Mode
Taught by
Linux Foundation
