BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//cfp.osfc.io//osfc2020//speaker//SVSWZA
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-osfc2020-KMG73N@cfp.osfc.io
DTSTART;TZID=CET:20201202T144500
DTEND;TZID=CET:20201202T151500
DESCRIPTION:Adding a Trusted Execution Environment (TEE) to OpenBMC will al
 low for a\nvariety of useful features in the realm of security. One curren
 t feature the\nBMC suffers from is the ability to securely store any infor
 mation. A glaring\nexample of this is that IPMI user passwords are require
 d (by the specification)\nto be available as plain-text to be used in RMCP
 + authentication. But because\nthe BMC currently has no method of securing
  any secrets\, it is impossible to\nsecurely encrypt those passwords. Addi
 ng a TEE using the ARM TrustZone\nextensions will allow this exact scenari
 o to be fixed. But adding a TEE isn't\nso simple as just adding a new pack
 age to the OpenBMC Yocto build. This talk\ndives into the details of what 
 hardware requirements\, boot requirements\, and\nother prerequisites are n
 ecessary to be able to securely store secrets on the\nBMC. In addition\, i
 t looks to future work that can be done with a TEE besides\nsimply keeping
  secrets.
DTSTAMP:20260415T171549Z
LOCATION:Main Stage
SUMMARY:Trusted Execution Environment on OpenBMC - Vernon Mauery\, Zhikui R
 en
URL:https://cfp.osfc.io/osfc2020/talk/KMG73N/
END:VEVENT
END:VCALENDAR