Linux Foundation Taps Researcher’s Security Framework as Standard for the Cloud

BROOKLYN, New York – Cloud computing, laptops, medical devices, smartphones, tablets, the Internet of Things and even automobiles increasingly employ software updates to add new features, improve existing ones, and fix security vulnerabilities. But updates are an open door for hackers seeking to compromise software repositories — the servers that host and distribute software — and thus deliver malicious updates to potentially millions of end-user devices.

The Linux Foundation recently recognized The Update Framework (TUF), which is overseen by a research team at NYU Tandon School of Engineering, as a key security system for thwarting such attacks. The Foundation tapped TUF as one of two new projects hosted by its Cloud Native Computing Foundation (CNCF). The other is Notary — the most prominent implementation of TUF. Notary is a content management and verification tool developed by Docker, a pioneering tech company that provides containers, used for safe and efficient cloud computing.

Developed by NYU Tandon Associate Professor of Computer Science and Engineering Justin Cappos, along with NYU Tandon Ph.D. Trishank Karthik Kuppusamy; other NYU Tandon graduates; and developers including Vladimir Diaz and Sebastien Awwad, the TUF specification is a flexible and robust technology that defends against a wide range of attacks on software update mechanisms.

Cappos explained that TUF addresses weaknesses in many other software update security systems. “TUF is uniquely able to protect users when the repositories themselves and the single cryptographic key used to sign updates, have been compromised,” he said. “By using a variety of keys for content signing and verification, TUF can prevent the worst case scenario: attackers signing, distributing, and installing malware on countless devices, threatening national security and human lives.”

Cappos lauded Docker’s implementation of TUF. “Docker’s security team did a fantastic job of taking the TUF specification and tailoring it to fit the cloud,” he said. “They have been excellent partners and have been working to make improvements they pioneered in Notary available to all TUF deployments.”

In addition to Docker, TUF is being used in production by non-profit, open-source organizations such as the LEAP encryption project, as well as other tech companies, including Flynn, VMware, Kolide, DigitalOcean, Cloudflare and CoreOS.

The basic technology behind TUF traces back to work conducted in 2009 by Justin Samuel and Cappos, based on an earlier collaboration with developers from the Tor project, under the support of the National Science Foundation.

2010: Improving upon the Thandy software updater for the Tor private browser, Justin Samuel and Justin Cappos collaborate to design and publish an academic research paper on The Update Framework (TUF).

2013: Justin Cappos, Trishank Kuppusamy, and Vladimir Diaz begin research into adapting and improving TUF for Python, Ruby, and other environments used for cloud computing.

2015: Docker launches Notary, which is an independent implementation of TUF. It also launches Docker Content Trust, which uses Notary to sign and verify container images.

2016: A consortium including NYU Tandon (Cappos, Kuppusamy, Diaz, Awwad), theUniversity of Michigan Transport Research Institute (UMTRI), and the Southwest Research Institute (SWRI), begin developing Uptane, an evolution of TUF, to protect updates for vehicles from being easily compromised by rogue nation-state attackers.

2017: Uptane is named to list of “Top Security Innovations of 2017” by Popular Science magazine. Around the same time, The Linux Foundation names TUF as one of two new security projects hosted by its Cloud Native Computing Foundation.

One significant application of TUF is a new technology called Uptane, designed to secure software updates for automobiles. Developed in partnership with the University of Michigan Transportation Research Institute (UMTRI) as well as the Southwest Research Institute (SWRI), along with collaboration by stakeholders in industry, academia, and government, Uptane modifies the TUF architecture to meet the specific security needs of the automotive industry.

“Uptane allows vehicle manufacturers to customize updates for vehicles on-demand without necessarily compromising security,” said Kuppusamy.

Uptane is being integrated by a few prominent automotive suppliers, including OTAinfo, Lear Corporation, and Advanced Telematic Systems, the latter of which is the first European company to utilize the technology, and discussions continue with a number of manufacturers.

As CNCF hosted projects, Notary and TUF will be part of a “neutral” community aligned with technical interests, and operated through an open process rather than the business interests of a company. The CNCF will support Notary and TUF with marketing and documentation efforts as well as with helping grow their communities.

“The inclusion of Notary and TUF into the CNCF is an important milestone as it is the Foundation’s first project to address concerns regarding the trusted delivery of content for containerized applications,” said Solomon Hykes, Founder and CTO at Docker and CNCF TOC project sponsor, in a statement. “Notary is already at the heart of several security initiatives throughout the container ecosystem and with this donation, it will be even more accessible as a building block for broader community collaboration.”


About the New York University Tandon School of Engineering
The NYU Tandon School of Engineering dates to 1854, the founding date for both the New York University School of Civil Engineering and Architecture and the Brooklyn Collegiate and Polytechnic Institute (widely known as Brooklyn Poly). A January 2014 merger created a comprehensive school of education and research in engineering and applied sciences, rooted in a tradition of invention and entrepreneurship and dedicated to furthering technology in service to society. In addition to its main location in Brooklyn, NYU Tandon collaborates with other schools within NYU, the country’s largest private research university, and is closely connected to engineering programs at NYU Abu Dhabi and NYU Shanghai. It operates Future Labs focused on start-up businesses in downtown Manhattan and Brooklyn and an award-winning online graduate program. For more information, visit engineering.nyu.edu.

Learn more about: Justin Cappos