Add Security Concept Presentation

Signed-off-by: Holger Dengler <dengler@linutronix.de>

2 files changed, 136 insertions, 0 deletions

diff --git a/security/basics/Makefile b/security/basics/Makefile
new file mode 100644
index 0000000..257d70d
--- /dev/null
+++ b/security/basics/Makefile
@@ -0,0 +1,9 @@
+all:
+	for pdf in `ls -1 handout_*.tex pres_*.tex 2> /dev/null` ; do \
+		TEXINPUTS=`pwd`/../..:.:..:$(TEXINPUTS) pdflatex $$pdf; \
+		TEXINPUTS=`pwd`/../..:.:..:$(TEXINPUTS) pdflatex $$pdf; \
+	done
+
+clean:
+	rm -f *.aux *.log *.pdf *.log *.snm *.toc *.vrb *.nav *.out
+
diff --git a/security/basics/pres_concept.tex b/security/basics/pres_concept.tex
new file mode 100644
index 0000000..d021f0c
--- /dev/null
+++ b/security/basics/pres_concept.tex
@@ -0,0 +1,127 @@
+\def\lximg{/usr/share/lx/icons/fueller.png}
+
+\input{configpres}
+
+\subsection{Security}
+
+\title{Security}
+\maketitle
+
+\def\lximg{none}
+
+\begin{frame}
+\frametitle{Contents}
+\tableofcontents
+\end{frame}
+
+% ----------------------------
+\subsubsection{Terminology}
+
+\begin{frame}[fragile]
+\frametitle{Safety / Security}
+Separate Issues
+\begin{itemize}
+\item Safety: Betriebssicherheit
+\item Security: Datensicherheit / Sicherung
+\end{itemize}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Safety vs. Security?}
+After Delivery
+\begin{itemize}
+\item Safety: No Changes allowed
+\item Security: Prompt Changes required
+\end{itemize}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Safety and Security}
+Safe and Secure (Realtime) Systems?
+\begin{itemize}
+\item Combined Systems
+\item Virtual Concept
+\item Realtime in VM?
+\end{itemize}
+\end{frame}
+
+% ----------------------------
+\subsubsection{Problem Statement}
+
+\begin{frame}[fragile]
+\frametitle{Why is System Security important?}
+\begin{itemize}
+\item Communication
+\item Worldwide connected
+\item Interfaces:
+\begin{itemize}
+\item Data Retrieval
+\item Management
+\item Maintenance
+\end{itemize}
+\end{itemize}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Protection}
+How to protect:
+\begin{itemize}
+\item (Production-)Data
+\item Functionality
+\item Integrity
+\item Communication Content
+\item Communication Authenticity
+\end{itemize}
+\end{frame}
+
+% ----------------------------
+\subsubsection{Design Concepts}
+
+\begin{frame}[fragile]
+\frametitle{Access Control}
+\begin{itemize}
+\item General Access
+\item Role-based Access to Data
+\item Role-based Access to Functionality
+\item Role-based Access to Resources
+\end{itemize}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Communication}
+\begin{itemize}
+\item Reduce Communication
+\item Secure affected Channels
+\item Authenticate where needed
+\end{itemize}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{System Design}
+\begin{itemize}
+\item Security Aspects first!
+\item Clear and Simple Design
+\item Workflows for Update and Maintenance
+\end{itemize}
+\end{frame}
+
+% ----------------------------
+\subsubsection{Conclusion}
+
+\begin{frame}[fragile]
+\frametitle{Conclusion}
+\begin{itemize}
+\item KIS - Keep it (the System) simple
+\item ''A chain is only as strong as its weakest link''
+\item Security is NOT a one-time effort
+\end{itemize}
+\end{frame}
+
+% ----------------------------
+\subsection{}
+\input{tailpres}