BSDCan2013 - Final
BSDCan 2013
The Technical BSD Conference
Speakers | |
---|---|
Pawel Jakub Dawidek |
Schedule | |
---|---|
Day | Talks - Day 1 - 2013-05-17 |
Room | MRT 221 |
Start time | 13:30 |
Duration | 01:00 |
Info | |
ID | 387 |
Event type | Lecture |
Track | Security |
Language used for presentation | English |
FreeBSD, Capsicum, GELI and ZFS as key components of a security appliance
I use to talk at various BSD conferences about projects I was/am working on (GEOM, GELI, ZFS, Capsicum, HAST, auditdistd and others). This time I'd like to talk about the meeting point of reality and some of those technologies: a security appliance I was working on for the last year.
The talk will demonstrate practical use of various technologies available in FreeBSD (Capsicum, GELI, ZFS and others). The appliance needs to process and store very sensitive data at high speeds, so strong sandboxing provided by Capsicum and strong encryption provided by GELI were a must. The talk will also provide practical hints how to build and manage appliance, eg. how to create installation image with all dependencies from source, how to implement secure and reliable upgrades with an option to downgrade, how to monitor health of hardware components and how to cluster multiple nodes together.