Skip to main content.

NetBSD Multimedia Resources List

Links on this page refer to multimedia resources (podcast, vodcast, audio recordings, video recordings, photos) related to NetBSD or of interest for NetBSD users.


This list is available as chronological overview, as a tag cloud and via the sources.
This list is also available as RSS feed

If you know any resources not listed here, or notice any dead links, please send details to Edwin Groothuis so that it can be included or updated.

Tag: matthew burnside

  • Public Key sudo
    Source: New York City *BSD User Group
    Added: 19 August 2008
    Tags: nycbug, presentation, sudo, public key, matthew burnside
    MP3 version (2 Mb)

    Two tools which have become the norm in Linux- and Unix-based environments are SSH for secure communications, and sudo for performing administrative tasks. These are independent programs with substantially different purposes, but they are often used in conjunction. In this talk, I describe a flaw in their interaction, and then present our solution called public-key sudo.

    Public-key sudo is an extension to the sudo authentication mechanism which allows for public key authentication using the SSH public key framework. I describe our implementation of a generic SSH authentication module and the sudo modifications required to use this module.

    Bio:
    Matthew Burnside is a Ph.D. student in the Computer Science department at Columbia University, in New York. He works for Professor Angelos Keromytis in the Network Security Lab. He received his B.A and M.Eng from MIT in 2000, and 2002, respectively. His research interests are in network anonymity, trust management, and enterprise-scale policy enforcement.

  • Matthew Burnside: Integrated Enterprise Security Mgmt
    Source: New York City *BSD User Group
    Added: 09 March 2007
    Tags: mp3, presentation, enterprise security, matthew burnside
    MP3 version

    Integrated Enterprise Security Management

    Security policies are a key component in protecting enterprise networks. But, while there are many diverse defensive options available, current models and mechanisms for mechanically-enforced security policies are limited to traditional admission-based access control. Defensive capabilities include among others logging, firewalls, honeypots, rollback/recovery, and intrusion detection systems, while policy enforcement is essentially limited to one-off access control. Furthermore, access-control mechanisms operate independently on each service, which can (and often does) lead to inconsistent or incorrect application of the intended system-wide policy. We propose a new scheme for global security policies. Every policy decision is made with near-global knowledge, and re-evaluated as global knowledge changes. Using a variety of actuators, we make the full array of defensive capabilities available to the global policy. Our goal is a coherent, enterprise-wide response to any network threat.

    Biography
    Matthew Burnside is a Ph.D. student in the Computer Science department at Columbia University, in New York. He works for Professor Angelos Keromytis in the Network Security Lab. He received his B.A and M.Eng from MIT in 2000, and 2002, respectively. His main research interests are in computer security, trust management, and network anonymity.