Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

CNCF [Cloud Native Computing Foundation]

Securing Content Distribution with The Update Framework - TUF

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Explore the critical aspects of securing content distribution using The Update Framework (TUF) in this informative conference talk. Delve into the basic architecture of TUF and discover how it protects against various real-world attacks on content distribution infrastructure. Learn about the framework's core principles, including prevention, detection, and risk mitigation of successful attacks. Gain insights into TUF's widespread adoption both within and outside the cloud ecosystem, including its use in CNAB, AWS Labs BottleRocket OS, and Datadog. Understand ongoing integrations with Python Package Index (PyPI), Drupal, TYPO3, and Joomla. Examine the hierarchical trust delegation tree and diagram, and explore content protection strategies and methods for reducing key loss. Engage in a deep dive discussion on current technical issues and augmentation proposals for this security-focused CNCF graduate project.

Syllabus

Intro
Agenda
Content Distribution
Software Supply Chain
Attacker Target
Software Updates
SSLTLS
dependency substitution attacks
What can TUF do
Content protection
Reducing key loss
Hierarchical trust delegation tree
Hierarchical trust delegation diagram
Summary
TUF Overview
TUF Specification
augmentation proposals
reference implementation
other implementations
integrations
outro

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of Securing Content Distribution with The Update Framework - TUF

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.