BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Talks.cam//talks.cam.ac.uk//
X-WR-CALNAME:Talks.cam
BEGIN:VEVENT
SUMMARY:Trustable Hardware as a TOCTOU Problem: Overview and Potential Rem
 edies - Dr. Andrew 'bunnie' Huang\, Independent Researcher
DTSTART:20200421T130000Z
DTEND:20200421T140000Z
UID:TALK141664@talks.cam.ac.uk
CONTACT:Jack Hughes
DESCRIPTION:In this talk\, we frame Trustable Hardware as a "Time of Check
 /Time of\nUse" (TOCTOU) problem. The basic problem with receiving a packag
 e\ncontaining "trusted hardware" is that the place of verification for\nha
 rdware is physically distant and administratively distinct from the\nplace
  of use. This is similar in nature to confirming the integrity of a\nweb o
 bject by checking its hash on the server\, then downloading it and\nrunnin
 g it.\n\nThe talk starts by exploring some of the potential attack vectors
  in the\nsupply chain\, thus motivating the need for point-of-use verifica
 tion. We\nthen use these constraints to formulate a system architecture th
 at tries\nto simplify the user verification problem\, thus providing a met
 hod for\nevidence-based trust in a given hardware artifact\, as opposed to
  blind\nfaith in the supply chain.
LOCATION:Webinar
END:VEVENT
END:VCALENDAR