This thesis investigates how transparency log overlays can provide additional security guarantees for rebuilders building Debian packages. In Reproducible Builds it is important to have a set of independent and distributed systems building packages to make sure they have not been tampered with. By putting BUILDINFO files and in-toto link metadata on a proof-of-concept rebuilder transparency log we are capable of detecting tampering of the published logs despite the current scaling problems. This gives users and companies additional security guarantees in the software supply chain for Debian packages
Users in a datacenter or cloud system, including privileged users (e.g., root-level users), should b...
Uncorrupted log files are the critical system component for computer forensics in case of intrusion ...
Transparency logs are designed to help users audit untrusted servers. For example, Certificate Trans...
This thesis investigates how transparency log overlays can provide additional security guarantees fo...
International audienceAlthough it is possible to increase confidence in Free and Open Source Softwar...
Software-update mechanisms are critical to the security of modern systems, but their typically centr...
Internet security and privacy stand on the trustworthiness of public certificates signed by Certific...
Certificate Transparency (CT) logs are append-only tamper-evident data structures that can be verifi...
Auditing system logs is an important means of ensuring systems' security in situations where run-tim...
The majority of computer users download software from the Internet and run it directly on their mach...
System logging is an essential component of building and maintaining secure systems. Unfortunately, ...
We propose the Cloud Log Assuring Soundness and Secrecy (CLASS) process as an elective plan for the ...
Traceability links among different software engineering artifacts make explicit how a software syste...
The subject of this dissertation is the construction of privacy-enhancing technologies (PETs) for tr...
The Twelfth International Workshop on Collaborative Editing Systems, CSCW'12International audienceIn...
Users in a datacenter or cloud system, including privileged users (e.g., root-level users), should b...
Uncorrupted log files are the critical system component for computer forensics in case of intrusion ...
Transparency logs are designed to help users audit untrusted servers. For example, Certificate Trans...
This thesis investigates how transparency log overlays can provide additional security guarantees fo...
International audienceAlthough it is possible to increase confidence in Free and Open Source Softwar...
Software-update mechanisms are critical to the security of modern systems, but their typically centr...
Internet security and privacy stand on the trustworthiness of public certificates signed by Certific...
Certificate Transparency (CT) logs are append-only tamper-evident data structures that can be verifi...
Auditing system logs is an important means of ensuring systems' security in situations where run-tim...
The majority of computer users download software from the Internet and run it directly on their mach...
System logging is an essential component of building and maintaining secure systems. Unfortunately, ...
We propose the Cloud Log Assuring Soundness and Secrecy (CLASS) process as an elective plan for the ...
Traceability links among different software engineering artifacts make explicit how a software syste...
The subject of this dissertation is the construction of privacy-enhancing technologies (PETs) for tr...
The Twelfth International Workshop on Collaborative Editing Systems, CSCW'12International audienceIn...
Users in a datacenter or cloud system, including privileged users (e.g., root-level users), should b...
Uncorrupted log files are the critical system component for computer forensics in case of intrusion ...
Transparency logs are designed to help users audit untrusted servers. For example, Certificate Trans...