SANSFIRE is right around the corner June 13-20 - Live Online, Register today!

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right.Once you register, you can download the presentaion slides below.

Survey of Integrity Verification Solutions, Local and Remote Attestation

  • Friday, March 09, 2018 at 3:30 PM EST (2018-03-09 20:30:00 UTC)
  • Colin DeWinter, Ben Gardiner

You can now attend the webcast using your mobile device!

  

Overview

In connected mobility systems, the need for attestation as a security control against tampering arises for various reasons. To detect code modification, to detect the modification of immutable data (such as Root CAs), to assert whether clients are worthy of trust, etc. In our capacity as experts on the subject of local attestation, we would like to share a review of the public research on the remote and local attestation solutions available both freely and commercially. We will not be disclosing any original research; rather, a 'literature review' of details known about some select attestation systems will be presented. e.g. Windows, OSX, iOS, Android, Linux -- both local (where applicable) and remote. Attendees should leave with a better understanding of * what are the criteria one should use to evaluate remote attestation technologies? local attestation as well? * in what cases is remote attestation not possible? * what is required to deploy robust local attestation technologies?

Join SANS for the 2nd Annual Automotive Cybersecurity Summit & Training, May 1-8, 2018, in Chicago. Security professionals representing the automotive industry's technology providers, policy-makers, and others within the vehicle supply chain will discuss security risks, methods to safeguard systems, and how to protect customers from an ever-evolving threat landscape. Join us to further develop your skills, perspective, and how to form actionable plans that address the increasingly complex world of Smart Vehicles and Smart Infrastructures.

Speaker Bios

Ben Gardiner

Ben Gardiner is a Principal Security Engineer at Irdeto and a member of the ethical hacking team, specializing in hardware and low-level software security. With more than 10 years of professional experience in embedded systems design and a lifetime of hacking experience, Gardiner has a deep knowledge of the low-level functions of operating systems and the hardware with which they interface. He brings this knowledge to Irdeto, a pioneer in digital platform and application security. With nearly 50 years of experience, Its software security technology and cyber services protects more than 5 billion devices and applications against cyberattacks for some of the world's best known brands.

Prior to joining Irdeto in 2013, Gardiner held embedded software and systems engineer roles at several organizations. Gardiner has a Masters of Engineering in Applied Math & Stats from Queen's University. He is also a member of and a contributor to SAE TEVEES18A1 Cybersecurity Assurance Testing TF (drafting J3061-2) and the GENIVI security subcommittee.


Colin DeWinter

Colin DeWinter is a Junior Security Engineer at Irdeto. Colin is passionate about automotive and connected transport cybersecurity. He specializes in Android and Windows Applications. Prior to joining Irdeto, Colin was a student at the University of Waterloo’s Electrical Engineering program. He is also a member of SAE TEVEES18.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.