Integrity Protection and Access Control - Who Do You Trust?

Explore the critical intersection of integrity protection and access control in this 39-minute conference talk by Glenn Wurster from BlackBerry. Delve into the vulnerabilities of file systems and boot processes against physical attacks, and understand why on-line access control alone is insufficient. Learn about a Linux Security Module (LSM) developed for the BlackBerry Priv that links elevated privileges to integrity protection, mitigating risks associated with system services executing binaries on user data partitions. Examine the broader implications for operating system security, focusing on mandatory access control and security vulnerability mitigations. Gain insights into topics such as DMCrypt, PathTrust, SuperUser implementation, potential pitfalls, and Linux integrity protection methods. Consider thought-provoking discussion questions on encryption requirements and VM integrity protection, enhancing your understanding of crucial cybersecurity concepts.