...
Recording & Transcript
Attendance
Please enter your name and company. Tag yourself using LF ID User Name. Don't have an LF ID yet? Go here: https://myprofile.lfx.linuxfoundation.org/.
Name | Company |
---|---|
Linux Foundation | |
Muddasar Ahmed | MITRE |
Vijayakumar R Tawker | Veltris |
Zahir Patni | Peraton Labs |
@Ron Victor | Accuknox |
Agenda:
...
- ONE Summit 2024, April 29 - May 1. San Jose CA
- Schedule has been announced: https://events.linuxfoundation.org/one-summit-north-america/program/schedule/
- Intent Driven Orchestration for Autonomous Networks Leveraging GenAI, Nephio & ONAP - Keguang He, China Mobile & Ganesh Narayan, Infosys. https://sched.co/1YUrH
- SEDIMENT for IoT Device Security and Authentication - Zahir Patni, Peraton Labs. https://sched.co/1YUsm
- Schedule has been announced: https://events.linuxfoundation.org/one-summit-north-america/program/schedule/
- Proposal to add 5G SBP Office hours during ONE Summit, will kiosks be available? LJ Illuzzi
- LFN D&TF May 2-3, San Jose CA. Request for Programming Committee help
- ONE Summit 2024, April 29 - May 1. San Jose CA
...
- A meeting between IBM, Aarna Networks, and LFN took place on 02/16. to discuss high-level overview and scope.
- IBM introduced the concept of application-centric connectivity <---YouTube link
- IBM Hybrid Cloud Mesh (IBM product). Potential to open source a subset of this product.
Open-source Mesh components currently include Open Horizon and skupper.io
- IBM Hybrid Cloud Mesh (IBM product). Potential to open source a subset of this product.
- Potential to integrate connectivity APIs to CSP 4G and 5G cores - AT&T, as an example
- Next Steps:
- Overview and Deep Dive IBM to present an overview and deep dive of IBM Hybrid Cloud Mesh. Targeted for Off-week working group meeting
- New Use Case/collaboration proposal (Muddasar):
- Project L3AF uses eBPF for LSM (Linux Security Modules). There may be a potential for alignment around security; zero-trust capabilities- Ron to take it up with KubeArmor technical team
- Muddasar asked if SEDIMENT can be ported to Linux to expand it capabilities to say, self-attestation.
- Zahir shared that SEDIMENT can be used on Linux and uses the notion of user-defined functions so that for Linux devices, with much larger storage spaces then IoT devices, specific files can be specified to be attested to insure they have not been tampered with.
- Drilling deeper it is proposed that SEDIMENT might be used to attest a Linux host before deployment. For example, when a CSP deploys Kubernetes infrastructure on Linux based platforms there is a capability where SEDIMENT can attest the host before deployment. A base-level Use Case can show the concept of using Linux to deploy different security-level SLAs
- SEDIMENT presentation accepted for ONE Summit: https://onesummit2024.sched.com/event/1YUsm?iframe=no
- Demo on environmental sensors Use Case was presented on 12/06.
- Recording: https://zoom.us/rec/share/WBx-IEaAOA-Lziq0QFL2fgHeTueprtEMWuJ8OmjFVhyaFY03A2sIZdN6FbA-sZ5U.i5IRCAXgvYEuxX45
- Jump forward 13 minutes for start of demo
- Request- add scenario where sensor is rejected.
- Recording: https://zoom.us/rec/share/WBx-IEaAOA-Lziq0QFL2fgHeTueprtEMWuJ8OmjFVhyaFY03A2sIZdN6FbA-sZ5U.i5IRCAXgvYEuxX45
- Initial PoC:
- Potential Hex Five sub project - Cesare/Rajesh - On hold. Remove
- Investigative meeting took place between Peraton and Hex Five (Cesare).
- Next Step- Hex Five to potentially come back with a proposal. in progress as of 11/01/23
- Next Steps:
- Muddasar new Use Case proposals. In progress
- Zahir/LJ working on adding environmental sensors Use Case to Library
- Looking to create an easy to use guidebook (Raj)
- API work- working continuing
- Would have to go through DARPA Public Release process
- Aarno Labs- an MIT spin-off. Provides security for (currently) Java script. Whereas KubeArmor protects at the container level, Aarno protects at the Java script program level. SEDIMENT offers them an alternative where they may not be deploying on SGX (Software Guard Extensions). Contact Eric and Jeff Perkins also on SEDIMENT project. Raj to make introduction. Presented on Sept PI meeting. On hold. Remove
- Identify and develop a security Use Case-Remove
- Yogendra Pal discuss during a deep-dive meeting
- New Use Case/collaboration proposal (Muddasar):
SEDIMENT- Environmental Sensor Use Case
SEDIMENT- Environmental Sensor Use Case
- New version on demo with multiple devices, and includes failure
- Updates to slides in progress.
- Then send to DARPA for approval
- SEDIMENT SEDIMENT presentation accepted for ONE Summit: https://onesummit2024.sched.com/event/1YUsm?iframe=no
- Demo on environmental sensors Use Case was presented on 12/06.
- Recording: https://zoom.us/rec/share/WBx-IEaAOA-Lziq0QFL2fgHeTueprtEMWuJ8OmjFVhyaFY03A2sIZdN6FbA-sZ5U.i5IRCAXgvYEuxX45
- Jump forward 13 minutes for start of demo
- Recording: https://zoom.us/rec/share/WBx-IEaAOA-Lziq0QFL2fgHeTueprtEMWuJ8OmjFVhyaFY03A2sIZdN6FbA-sZ5U.i5IRCAXgvYEuxX45
- Notes from 02/06 and 02/20- Zahir/LJ
Action Items/discussion points:
- Updated demo that includes RA failure. Target end of Feb
- Submit for DARPA approvals by mid-March
Established Baselines:
- Environmental Sensor Use Case will be a separate entry into the Library as opposed to adding to the existing SEDIMENT entry
- DARPA approval is required. Both Environmental Sensor Use Case for Library submission, as well as ONE Summit presentation, and updated demo will be sent for approval at the same time.
- April 25 deadline for ONE Summit material submission.
- DARPA needs 15 business days (3 weeks) for approval process.
- DARPA approval items should be summitted by mid-March
- Repo: github.com/sediment-lfproject/remote-attestation
Enhancing Autonomous Network through Generative AI and Intent-Driven Technologies - Keguang He (China Mobile)
- New Use Case/Collaboration Proposals:
- Project L3AF uses eBPF for LSM (Linux Security Modules). There may be a potential for alignment around security; zero-trust capabilities-.
- Are there Industry vertical support templates for KubeArmor? @ron victor to followup
- Next Steps:
- Ron to take it up with KubeArmor technical team. LJ Illuzzi send L3AF info to Ron.
- Ron to follow up on Industry vertical support templates
- Next Steps:
- Can SEDIMENT be ported to Linux to expand it capabilities to say, self-attestation.
- Zahir shared that SEDIMENT can be used on Linux and uses the notion of user-defined functions so that for Linux devices, with much larger storage spaces then IoT devices, specific files can be specified to be attested to insure they have not been tampered with.
- Drilling deeper it is proposed that SEDIMENT might be used to attest a Linux host before deployment. For example, when a CSP deploys Kubernetes infrastructure on Linux based platforms there is a capability where SEDIMENT can attest the host before deployment. A base-level Use Case can show the concept of using Linux to deploy different security-level SLAs
- Expand to confidencial computing?
- Next Steps:
- Zahir flushing out the idea internally at Peraton Labs
- Next Steps:
- Can SEDIMENT be ported to Linux to expand it capabilities to say, self-attestation.
- A ONE Summit session has been approved: https://events.linuxfoundation.org/one-summit-north-america/program/schedule/
- There is a need to set up a recurring call on India/China friendly time to keep this moving forward. This may occur through the AI Task Force where an APAC-friendly time is being established
- The AI Taskforce will serve as another platform to move this initiative forward
- Current Work-in Progress:
- Add Large Model Interactive Interface
- Create the llm-adaptation service
- Integrate llm-adaptation with OpenAI.
- Integrate llm-adaptation with intent-analysis.
- Fine tune China Mobile's Jiutian large model to obtain a large model suitable for ONAP knowledge question answering and ONAP intent processing
- Next Steps/Goals:
- Present relevant large model demo at ONE Summit in April
- Potential add Nephio integration
- A bi-weekly call on Mondays has been established at an APAC friendly time for this project.
- How do we advertise this initiative to outside world; DT, AT&T?
- Add meeting logistics here: https://zoom-lfx.platform.linuxfoundation.org/meeting/93560504385?password=edb14ea6-3588-40b3-87f2-f6b879f0403d
----- Back Burner ---------
Orchestration of OAI Core and Amarisoft gNB with EMCO - Yogen/Vikas (Aarna Networks)
...
- Off-week Working Group and Deep Dive Meeting
- Topic- AccuknoxKubeArmor/L3AF collaboration - Tentative
...