Jens is Firmware Developer at 9elemtents Cyber Security
In this workshop, you will learn about the current state of the System Transparency project.
System Transparency is a security architecture for bare-metal servers. It's bootloader stboot protects and makes your boot chain auditable. It uses LinuxBoot, TPM, and signature verification. Furthermore, it is reproducible, with plans to incorporate Binary Transparency. Correctly integrated, it can make a system transparent to you and even your end users.
With System Transparency, all OS-related artifacts including the user space are bundled together in a signed OS Package. The core idea is that stboot verifies this OS package before booting.
Since the project is still at version zero state and there are quite some bits and peaces which have to be brought together. So this workshop is just the right place for you if you would like to become an early adopter, learn and discuss the concepts of System Transparency or just want to start playing around with the project.
There are also some work-in-progress features like remote attestation integration we are currently developing but are already ready to try out.