新的免费工具为软件供应链增加了一层安全性 (2020)

ID:64225

大小:0.30 MB

页数:3页

时间:2023-06-29

金币:10

上传者:亚森
!
! ! PRESS!OFFICE!•!1!MetroTech!Center,!19
th
!Floor,!Brooklyn,!NY!11201!
! ! ! !!CONTACT!•!Kathleen!Hamilton!
!!!!!!!!!!!!!!!!!!!!!!! ! ! ! ! !!!!646.997.3792!/!mobile!347.843.9782!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
! ! ! ! ! !!!!!!!kathleen.hamilton@nyu.edu!
!
!
-more-!
Note:&Images&available&at:&
https://nyutandon.photoshelter.com/galleries/C0000yZB2rPqM.1s/G00001_duf5LXq7E/Cappos-In-Toto&
!
Imme d ia te !R e le a se !!!!
!
!!!!!
!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
New,!free!tool!adds!layer!of!security!for!the!!
!
software!supply!chain!!
!
NYU!Tandon!School!of!Engineering!researchers!launch!open-source!system!that!gives!developers!a!
way!to!verify!integrity!at!each!step!of!software!development!and!deployment!
!
!
BROOKLYN,!New!York,!Tuesday,!December!15,!2020!–!The!software!supply!chain!has!long!been!a!prime!
target!for!cyberattacks,!putting!servers,!IoT!devices,!personal!computers,!and!connected!equipment!
from!surgically!embedded!devices!to!avionics!at!risk!of!sabotage.!These!risks!will!increase!dramatically!
with!the!global!rollout!of!such!new!technologies!as!5G!telecommunications,!and!new!tools!will!be!
required!to!affirm!the!security!and!authenticity!of!software!projects.!Against!this!backdrop,!in-toto,!an!
open-source!tool!developed!by!researchers!at!the!NYU!Tandon!School!of!Engineering!that!provides!an!
unprecedented!level!of!assurance!against!such!attacks,!announces!it!has!hit!a!significant!milestone!
with!the!release!of!its!first!major!version.!!
!
in-toto,!a!free,!easy-to-use!framework!that!cryptographically!ensures!the!integrity!of!the!software!
supply!chain,!was!developed!in!2016!by!Justin!Cappos,!a!professor!of!computer!science!and!
engineering,!and!Santiago!Torres-Arias,!a!former!Ph.D.!student!at!NYU!Tandon,!now!a!professor!at!
Purdue!University.!Since!its!advent!in-toto!has!been!adopted!or!integrated!into!several!major!open!
source!software!projects,!including!those!hosted!by!the!Cloud!Native!Computing!Foundation,!a!part!of!
the!Linux!Foundation.!With!the!release!of!version!1.0,!in-toto!has!reached!a!level!of!maturity!where!its!
developers!can!ensure!its!quality,!and!guarantee!its!security!to!potential!adopters.!
!
Like!blockchain!for!the!software!development!process,!in-toto!ensures!that!all!steps!performed!on!a!
piece!of!software!throughout!its!design!and!development!lifecycle!can!be!trusted!by!providing!
资源描述:

当前文档最多预览五页,下载文档查看全文

此文档下载收益归作者所有

当前文档最多预览五页,下载文档查看全文
温馨提示:
1. 部分包含数学公式或PPT动画的文件,查看预览时可能会显示错乱或异常,文件下载后无此问题,请放心下载。
2. 本文档由用户上传,版权归属用户,天天文库负责整理代发布。如果您对本文档版权有争议请及时联系客服。
3. 下载前请仔细阅读文档内容,确认文档内容符合您的需求后进行下载,若出现内容与标题不符可向本站投诉处理。
4. 下载文档时可能由于网络波动等原因无法下载或下载错误,付费完成后未能成功下载的用户请联系客服处理。
关闭