Explore the critical aspects of securing content distribution using The Update Framework (TUF) in this informative conference talk. Delve into the basic architecture of TUF and discover how it protects against various real-world attacks on content distribution infrastructure. Learn about the framework's core principles, including prevention, detection, and risk mitigation of successful attacks. Gain insights into TUF's widespread adoption both within and outside the cloud ecosystem, including its use in CNAB, AWS Labs BottleRocket OS, and Datadog. Understand ongoing integrations with Python Package Index (PyPI), Drupal, TYPO3, and Joomla. Examine the hierarchical trust delegation tree and diagram, and explore content protection strategies and methods for reducing key loss. Engage in a deep dive discussion on current technical issues and augmentation proposals for this security-focused CNCF graduate project.
Securing Content Distribution with The Update Framework - TUF
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Syllabus
Intro
Agenda
Content Distribution
Software Supply Chain
Attacker Target
Software Updates
SSLTLS
dependency substitution attacks
What can TUF do
Content protection
Reducing key loss
Hierarchical trust delegation tree
Hierarchical trust delegation diagram
Summary
TUF Overview
TUF Specification
augmentation proposals
reference implementation
other implementations
integrations
outro
Taught by
CNCF [Cloud Native Computing Foundation]
