On Monday night, there will be time for BOFs, right after the General Assembly:
Securely Moving Embedded Applications into the Cloud
[Proposed by Cisco]
Embedded applications moving into the cloud greatly expand the attack surface for both the embedded applications and the cloud. Neither embedded applications, with open control planes, nor the cloud were designed to securely interoperate. Connecting an embedded application, and exposing its control APIs to the cloud, will therefore result in unintended security consequences.
Phrased differently, blindly interconnecting systems not designed to interoperate securely may well become a security nightmare In the case of the new trend towards network function virtualization and dynamic and flexible service provisioning we introduce yet another set of unintended attack surfaces and opportunities.
In this BOF, we will discuss how to reduce the attack surface. For instance, can we use trusted computing concepts and technology to address the security concerns that result from connecting embedded architectures and computing environments A basic value proposition is the use of platform integrity as a way to reduce the number and severity of attack surfaces. Join us for a discussion of how this might work, other possible applications of trusted computing notions and potential research opportunities going forward.