Editing Security

Jump to navigation Jump to search
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.

The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.

Latest revision Your text
Line 41: Line 41:


::- [https://docs.google.com/document/d/17QAXfpEDlIvSbw0pFJ9wKeIBeBwIFkP4Z8SjhxyECAw/edit# Work Backlog & Prioritization]
::- [https://docs.google.com/document/d/17QAXfpEDlIvSbw0pFJ9wKeIBeBwIFkP4Z8SjhxyECAw/edit# Work Backlog & Prioritization]
Third Party Security Reviews
::- [https://drive.google.com/file/d/177hRzP05xE5OlvW7nuBH35SxaBSo1TRI/view?usp=share_link Firmware Security Review Framework (Draft)]
::- [https://drive.google.com/file/d/13XcR9QG0ZibR7dMs9TQTY7WnWyPs9oIB/view?usp=share_link NVMe Cloud SSD Specification Firmware Security Review Scope (Draft)]
::- [https://drive.google.com/file/d/18m0q3ZFZarYJzZ5lOuPShyBKIx6QfGVA/view?usp=share_link Firmware Security Audits (Slide Deck)]


OCP blogs and announcements
OCP blogs and announcements
Line 90: Line 80:


:- [https://drive.google.com/file/d/1yxlqAiNWvnX22aY-LX1L2kJBOnLRTC90/view?usp=sharing Attestation + TPM flows] Presented 2022-09-27 by Jeff Andersen
:- [https://drive.google.com/file/d/1yxlqAiNWvnX22aY-LX1L2kJBOnLRTC90/view?usp=sharing Attestation + TPM flows] Presented 2022-09-27 by Jeff Andersen
:- [https://drive.google.com/file/d/1zxtgMlBrxhXieO9phLgriuAUJl-Duchj/view?usp=sharing Port Remediation] Presented 2022-10-11 by Thomas Koh
:- [https://drive.google.com/file/d/1GZTy8rEcpJhXZlkL8TZrUis2x3-wIWhs/view?usp=share_link Media Sanitization] Presented 2022-12-06 by Jonmichael Hands and Arie van der Hoeven
:- [https://drive.google.com/file/d/1t5WSUZKzYUBYWses22I-yc-vDDIvAUQb/view?usp=sharing Port Remediation Update] Presented 2022-12-13 by Thomas Koh and Colin Mitchell
:- [https://docs.google.com/presentation/d/1Z0A3y-VskBf0Kp71zQOK6B2BipoQUNx8AoR6NGpDeIQ/edit?usp=sharing OCP "Streaming" Boot] Presented 2023-01-10 by Varun Sampath and Bharat Pillilli
:- [https://drive.google.com/file/d/1mcn86zaEyk5kir-bb1R0MUm6XNG1oBaR/view?usp=share_link Attested Reset] Presented 2023-01-17 by Jeff Andersen
:- [https://drive.google.com/file/d/1KIo0mwYQ9KmH13oqef4Oc2-emDH6WsJS/view?usp=share_link SBOMs] Presented 2023-02-14 by Bryan Kelly
:- [https://drive.google.com/file/d/1WCquWiaBlAsoInLwDX8NkMxnptVMBNuJ/view?usp=share_link Secure Manufacturing] Presented 2023-03-28 by Jeff Plank
:- [https://drive.google.com/file/d/1JE56f_DOJEhMVb_o6MW10DqshoAVWNov/view?usp=sharing 3P Firmware Audits] Presented 2023-04-12 by Eric Eilertson, Þórður Björnsson
:- [https://drive.google.com/file/d/1F6Dkx9dvnGz4UPHm1_Nqzm0pulvi-xib/view?usp=share_link 3P Audits] Presented 2023-05-16 by Alex Matrosov
:- [https://drive.google.com/file/d/1I04Fxi8P1XsvnMrTzkkUoMruFfqNBTM1/view?usp=sharing Requests to NIST regarding asymmetric key derivation] Presented 2023-06-06 by Jeff Andersen and Thomas Bowen
:- [https://drive.google.com/file/d/1Z8dQSqCr_iGOO8yT0PKW5PAnGHV3q_M6/view?usp=sharing Specification and Formal Verification of Attestation Mechanisms in Confidential Computing] Presented 2023-06-13 by Muhammad Usama Sardar
:- [https://drive.google.com/file/d/1_T6k_fCjz1njYeDJJfyh6PtRbhVB3w7H/view?usp=drive_link Request to NIST regarding HBS key export] Presented 2023-08-22 by Jeff Andersen
:- [https://drive.google.com/file/d/1og-YYG9zOutfcNVbMAwNP0z9nbZH-QmF/view?usp=sharing Device attestation 1] Presented 2024-01-09 by Roksana Mojarad
:- [https://drive.google.com/file/d/1vpxy3xso_T30DN1j53uA55s6wtSWfir6/view?usp=sharing Device attestation 2] Presented 2024-01-23 by Roksana Mojarad
:- [https://drive.google.com/file/d/1u4nE-DCs7KBWfRFf9fcJ_Oxmdd6kdUtd/view?usp=sharing Firmware attestation demo] Presented 2024-01-23 by Roksana Mojarad


==Approved Publications==
==Approved Publications==
Line 135: Line 95:


===Project Leads===
===Project Leads===
:- [mailto:OCP.Security-Lead1@ocproject.net Jeff Andersen] (Google)
:- [mailto:nate.klein@ocproject.net Nate Klein] (Google)


:- [mailto:bryan.kelly@ocproject.net Bryan Kelly] (Microsoft)
:- [mailto:bryan.kelly@ocproject.net Bryan Kelly] (Microsoft)
Line 151: Line 111:
==Regular Project Calls==
==Regular Project Calls==


This project meets weekly on Tuesdays at 9am PT (please check the call calendar).
This project meets weekly on Tuesdays at 8:30am PT (please check the call calendar).


:- [https://www.opencompute.org/projects/security Call Calendar]
:- [https://www.opencompute.org/projects/security Call Calendar]
:- [https://opencompute-org.zoom.us/j/85292919316?pwd=RGk1WkgxTlRVUEU5RWxsN2RJUWFMUT09 Call Link]
:- [https://global.gotomeeting.com/join/271200085 Call Link]
:- [https://docs.google.com/document/d/1VVMUzYESZNuyT1_YJlQSdSKBy-5t1otJIyXTbXuOoX4/edit Meeting Notes]
:- [https://docs.google.com/document/d/1VVMUzYESZNuyT1_YJlQSdSKBy-5t1otJIyXTbXuOoX4/edit Meeting Notes]
You can also dial in using your phone.
United States: +1 (312) 757-3117
Access Code: 271-200-085


==Recordings from Past Calls==
==Recordings from Past Calls==
OCP Security Project Call
OCP Security Project Call  
:- [https://opencompute-org.zoom.us/rec/play/3Fns1hMinmy8kV3In9fQHEU0RLZonrvDlfY7hqLLMaq-QWBateK8MwcX9WwrRQ1N-Ct5xPjtwaXoH8XN.58Quun3VOE-2HgL8?canPlayFromShare=true&from=my_recording&continueMode=true&pwd=uZoPGm651ztJtw5Z6icR-SCoI_XEhO4x&componentName=rec-play&originRequestUrl=https%3A%2F%2Fopencompute-org.zoom.us%2Frec%2Fshare%2FzemheJI1O3MdIvLU9mirga-Pq-a9Hc8fMdTFaIVgxWQfEh1RASGE5j_mvIuEB0dr.ziJVgALWuY88DgE5%3Fpwd%3DuZoPGm651ztJtw5Z6icR-SCoI_XEhO4x April 16th, 2024]
:- [https://opencompute-org.zoom.us/rec/play/PIcn56_293e9-9vB6gvLeIl065muYO0Kt1ekcl5J-X9Vu5txEoK6MbaJC9JF645F-uPn7NcaCc_5nBAb.xIJRjeswOVF7xot9?canPlayFromShare=true&from=share_recording_detail&continueMode=true&pwd=gnKdHWYkaHYQwlVzE9o2Ea3ch0WyFEz1&componentName=rec-play&originRequestUrl=https%3A%2F%2Fopencompute-org.zoom.us%2Frec%2Fshare%2FPegUBcsVY73gLQswfqXxXvqIyzzkocLM4S0KtCrTG3L4iAAOhz8croxKecemREFL.UzjmMMLIcDHLRr9w%3Fpwd%3DgnKdHWYkaHYQwlVzE9o2Ea3ch0WyFEz1 March 12, 2024]
:- [https://opencompute-org.zoom.us/rec/play/ZEoXjz4yoKLHjlapfuUSLWiMhIEuvwhxNqXswK8N0RZ1kzIreI5S_1wbdRyY0osMali5l-Zgy1EKB4s.oIevIpI8Ey9i3a1y?canPlayFromShare=true&from=share_recording_detail&continueMode=true&pwd=ZAsPcNe5FQtB56FUVAWbzwMHwb9sGzfI&componentName=rec-play&originRequestUrl=https%3A%2F%2Fopencompute-org.zoom.us%2Frec%2Fshare%2FaW-nkLm7CEubCFXz_2iqf4fBmqj8MFsGcG2pcj8wX4dZwv5xcvZDGMdTsfVLdlGl._C4ebpn_7EwO03Rh%3Fpwd%3DZAsPcNe5FQtB56FUVAWbzwMHwb9sGzfI March 5, 2024]
:- [https://www.youtube.com/watch?v=QqWqmLiT8SQ Feb 6, 2024]
:- [https://www.youtube.com/watch?v=2O7SpFGLB9k Jan 30, 2024]
:- [https://www.youtube.com/watch?v=8nVGgKYbHMg Jan 23, 2024]
:- [https://www.youtube.com/watch?v=UfEYUby2zYo Jan 9, 2024]
:- [https://www.youtube.com/watch?v=wpuabUu8CVE Dec 5, 2023]
:- [https://www.youtube.com/watch?v=NfMTZ3sTsCw Nov 28, 2023]
:- [https://www.youtube.com/watch?v=kEg7g_YFpPs Nov 14 2023]
:- [https://www.youtube.com/watch?v=jBnc0grxKAQ Oct 31, 2023]
:- [https://www.youtube.com/watch?v=kJss3CnI9_8 September 12, 2023]
:- [https://www.youtube.com/watch?v=oUQNfP7NfRY August 29, 2023]
:- [https://www.youtube.com/watch?v=fv05QtP0UhM August 22, 2023]
:- [https://www.youtube.com/watch?v=ic1wDq416Mc August 15, 2023]
:- [https://www.youtube.com/watch?v=upGMu4vAF2M August 1, 2023]
:- [https://www.youtube.com/watch?v=KvQievXmZkA July 25, 2023]
:- [https://www.youtube.com/watch?v=vLqXiZSMyng July 18, 2023]
:- [https://www.youtube.com/watch?v=EvYXCvfH3vA July 11, 2023]
:- [https://www.youtube.com/watch?v=hcZ-O4odmxc June 20, 2023]
:- [https://www.youtube.com/watch?v=5WXPcGKxlYc June 13, 2023]
:- [https://www.youtube.com/watch?v=kiB3jDBUpRA June 6, 2023]
:- [https://www.youtube.com/watch?v=N0P-CLI3VD8 May 16, 2023]
:- [https://www.youtube.com/watch?v=oc4AXtx82AY May 9, 2023]
:- [https://www.youtube.com/watch?v=pKSFYjsIPQ0 May 2, 2023]
:- [https://www.youtube.com/watch?v=hLcop4xEcyw April 11, 2023]
:- [https://www.youtube.com/watch?v=JQfJo-50Rd8 March 28th, 2023]
:- [https://www.youtube.com/watch?v=dD7Yojz1qOI March 21, 2023]
:- [https://www.youtube.com/watch?v=wQpu2ZnJkAE February 28, 2023]
:- [https://www.youtube.com/watch?v=NFk09xwzRu8 February 14, 2023]
:- [https://www.youtube.com/watch?v=LuXkt4MEfLk January 31, 2023]
:- [https://www.youtube.com/watch?v=9AooIeS0m9U January 17, 2023]
:- [https://www.youtube.com/watch?v=nwD7bLssH8U January 10, 2023]
:- [https://www.youtube.com/watch?v=dOglaXDWYGs December 13th, 2022]
:- [https://www.youtube.com/watch?v=1wbEDfkgWqc December 6th, 2022]
:- [https://www.youtube.com/watch?v=cxUrEHheTXM November 29th, 2022]
:- November 15th, 2022 - No Recording
:- November 1st, 2022 - No Recording
:- [https://www.youtube.com/watch?v=woUQuPTzcxc October 11th, 2022]
:- [https://www.youtube.com/watch?v=v94hkpQ8104 October 4th, 2022]
:- [https://www.youtube.com/watch?v=g0aS4aWte28 September 27th, 2022]
:- [https://www.youtube.com/watch?v=g0aS4aWte28 September 27th, 2022]
:- [https://www.youtube.com/watch?v=lZ1PnJml1CY September 13th, 2022]
:- [https://www.youtube.com/watch?v=lZ1PnJml1CY September 13th, 2022]
Please note that all contributions to OpenCompute may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see OpenCompute:Copyrights for details). Do not submit copyrighted work without permission!
Cancel Editing help (opens in new window)
Retrieved from "https://www.opencompute.org/w/index.php?title=Security"