Towards Linux kernel security: the journey of past 10 years
The importance of the mainline Linux kernel security has risen dramatically over the past 10 years. From the initial point years back when security people were “sandboxed” to their legitimate playground in a form of Linux Security Module (LSM) infrastructure, security has risen to one of the most paid attention area of the Linux kernel. Nowadays the truly important security fixes get merged regardless of their (sometimes drastic) performance implications and we usually (albeit not always) spend less and less time convincing kernel maintainers to include security measures into their subsystems. This talk attempts to give a perspective view on the past 10 years of mainline Linux kernel security, explaining reasons behind developments in each area, as well as the current state and open problems that we are still facing and will be facing in the near future. The audience will also get an understanding of primary directions that drive Linux kernel security development nowadays, such as IoT and Cloud services, and an overview of a modern attack landscape that influences one of the most recent and active projects in kernel security – Kernel Self Protection Project (KSPP).
Security engineer and architect
Elena Reshetova is a Security Architect and researcher at the Intel Open Source Technology Centre working with various Open Source platform security projects across the whole Linux platform security community. Her current research area involves exploring various OS virtualization and hardening solutions and their applicability for mobile or embedded security use cases. Her additional area of interest is applied cryptography. Elena received her doctoral degree from the Aalto University Secure Systems Group in the field of Mobile and Embedded Platform Security.