SecAppDev 2020 Lecture Details

Trust Management in SCONE

Christof Fetzer
Friday March 13, 14:00 - 15:30
Short description

This session presents SCONE, a platform that uses Trusted Execution Environments (TEEs) to enable the delegation of operations to an untrusted provider while guaranteeing data confidentiality.

Abstract

Trust is arguably the most crucial challenge for critical services, both in deployment and when accessed over a network. These systems are exposed to a wide diversity of threats, ranging from bugs to exploits, active attacks, rogue operators, or careless administrators.

This session presents a powerful and generic approach to trust management using Trusted Execution Environments (TEEs). Our platform, SCONE, can operate as a managed service deployed in an untrusted environment. SCONE enables the delegation of operations to an untrusted provider while guaranteeing data confidentiality.

Key takeaway

Learn how to leverage Trusted Execution Environments (TEEs) to ensure data confidentiality in untrusted cloud environments.

Content level

advanced

Target audience

This session is intended for anyone who wants to achieve high security guarantees in modern deployment pipelines.

Prerequisites

Understanding of modern application architectures.


Christof Fetzer

Christof Fetzer

Professor, TU Dresden

Prof. Fetzer's research focuses on Trusted Execution and Dependable Computing. He is a co-Founder of Cloud&Heat GmbH, SIListra Systems GmbH, and Scontain UG. He has been a Professor at TU Dresden, Germany since 2004 and he received his PhD from the University of California, San Diego.

Full speaker profile


Related devops security sessions

A practical view of security toolchains in DevSecOps

Lecture by Abhay Bhargav

You wanted to know about DevSecOps Pipelines, but didnt know whom to ask? This anecdotal, demo-filled talk delves into DevSecOps with strategies for tool orchestration, vulnerability management and more. Best yet, you can do all this for $0

DevOps Security Wednesday March 11, 16:00 - 17:30

The hitchhikers guide to secrets for cloud environments

Lecture by Abhay Bhargav

From API Keys to encryption keys, the number of secrets an average app requires is increasing. The talk will focus on secrets management for Kubernetes, AWS and Azure environments with some gotchas and implementation nuances

DevOps Security Friday March 13, 11:00 - 12:30

Lessons from the Node.js ecosystem bug bounty

Lecture by Marcin Hoppe

The Node.js ecosystem bug bounty program allows us to dive deep into the most prevalent JavaScript vulnerabilities, take a look at the state of open source security research, and learn about responsible disclosure at scale.

DevOps Security Friday March 13, 14:00 - 15:30