Towards authentication of transparent systems
10-11, 11:30–12:00 (US/Pacific), Main Track

We will present our ongoing work on the System Transparency Authentication Mechanism (STAM), ST's evolving design philosophy and the benefits of transparent systems to service providers.

STAM is an authentication mechanism for transparent systems - mainly System Transparency - which we are still actively designing. We would greatly appreciate your feedback.

System Transparency (ST) is a security architecture for service providers who want to operate transparent systems. We define a running computer system as transparent if its advertised state space is apparent to a relying party. ST is used in production at Mullvad VPN, but it still has a long way to go until all of its design goals are realized.

STAM is designed to assure a local system of a remote system’s platform provenance, identity, state, authenticity, source code traceability, and freshness, as well as certificate transparency. It builds on entity authentication mechanisms, secure communication, reproducible builds, remote attestation, transparency logging and witness cosigning. The aforementioned technologies also constitute the backbone of System Transparency.

Our 20-minute talk will be followed by a 20-minute Q&A discussion and feedback session.

See also: Slides (2.0 MB)

Fredrik's main interest is the design and construction of more trustworthy computer systems.

Together with his colleagues and collaborators he works on the open-source projects System Transparency, Sigsum and Tillitis TKey. A decade and a half ago he co-founded Mullvad VPN. His interest in computer security, strategy and creativity started a decade before that. He's a fourth-generation business owner and a third-generation inventor.