Overview
Explore an open source project for remote trust of IoT devices in this conference talk. Dive into Keylime, a rapidly growing initiative that leverages Trusted Platform Module (TPM) technology to establish a cryptographic hardware root of trust. Learn about the project's origins at MIT's Lincoln Laboratory, its architecture, and how it simplifies TPM implementation for developers and users. Discover key concepts such as measured boot, continuous remote attestation, and revocation frameworks. Gain insights into Keylime's organic growth, current state, and ongoing development efforts, including the porting of the agent to Rust. Understand how Keylime addresses the challenges of remote IoT trust, physical protections, and software trust. Find out how to get involved in this innovative project that's making TPM technology more accessible and driving new use cases in IoT security.
Syllabus
Introduction
Luke's background
The problem
Remote IoT trust
Physical protections
Physical protection schemes
Mandatory access control
Software trust
Remote device trust
Hardware root of trust
TPM usage
What is Keylime
Measured boot
Architecture
Use Cases
Bootstrap
Keylime Agent
Bootstrap Key
Continuous Remote attestation
Whitelist
IMA
Verification Revocation
Revocation Framework
Organic Growth
Current State
Continuous Integration
Weekly Meetings
Virtual TPM
Porting Agent to Rust
Get Involved
Taught by
Linux Foundation