35/66: programming-2022: Mention prior work upfront in the intro.
From: Ludovic Courtès
Subject: 35/66: programming-2022: Mention prior work upfront in the intro.
Date: Wed, 29 Jun 2022 11:32:01 -0400 (EDT)
civodul pushed a commit to branch master
in repository maintenance.
commit bc104ed96d64fbe535b424c4f92586dbd937df23
Author: Ludovic Courtès <ludo@gnu.org>
AuthorDate: Tue Jan 25 10:04:08 2022 +0100
programming-2022: Mention prior work upfront in the intro.
* doc/programming-2022/supply-chain.skb (Introduction): Include
paragraph from the abstract stating why prior work is insufficient.
---
doc/programming-2022/supply-chain.skb | 33 ++++++++++++++++++++++++++++-----
1 file changed, 28 insertions(+), 5 deletions(-)
diff --git a/doc/programming-2022/supply-chain.skb
b/doc/programming-2022/supply-chain.skb
index a0ce74f..6dac3cb 100644
--- a/doc/programming-2022/supply-chain.skb
+++ b/doc/programming-2022/supply-chain.skb
@@ -189,7 +189,7 @@ updating Guix-installed software packages means, first,
updating the
local copy of the Guix source code. Prior work on secure software
updates focuses on systems very different from Guix—systems such as
Debian, Fedora, or PyPI where updating consists in fetching metadata
-about the latest binary artifacts available—and largely inapplicable in
+about the latest binary artifacts available—and is largely inapplicable in
the context of Guix. Deployment tools that more closely resemble Guix,
from Nix to Portage, either lack secure update mechanisms or suffer from
shortcomings.])
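Review bot: The paragraph touched here ("Prior work on secure software updates focuses on systems very different from Guix ... and is largely inapplicable in the context of Guix") now exists twice in supply-chain.skb, because the next hunk copies it into the Introduction, and the two copies already disagree: the Introduction version says "from Nix to Portage and BSD Ports" while this one still says "from Nix to Portage". Align the tool list in this copy with the Introduction wording so the two statements of the prior-work gap make the same claim, and keep them in step in later edits.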
@@ -246,16 +246,39 @@ allowing users to search for software packages, to
install them, and to
upgrade them. Unlike apt, yum, and many popular package managers, Guix
builds upon the ,(emph [functional deployment model]) pioneered by Nix
,(ref :bib "dolstra2004:nix"), a foundation for reproducible deployment,
-reproducible builds, and provenance tracking. Guix is essentially a
+reproducible and verifiable builds, and provenance tracking. Guix is
essentially a
“source-based” deployment tool: the ,(emph [model]) is that of a system
where every piece of software is built from source, and pre-built
binaries are viewed as a mere optimization and not as a central aspect
of its design.])
- (p [This paper describes the design and implementation of Guix’s
+ (p [This paper focuses on one research question: how can Guix and
+similar systems allow users to securely update their software? Guix
+source code is distributed using the Git version control system;
+updating Guix-installed software packages means, first, updating the
+local copy of the Guix source code. Prior work on secure software
+updates ,(ref :bib '(samuel2010:survivable kuppusamy2017:mercury))
+focuses on systems very different from Guix—systems such as
+Debian, Fedora, or PyPI where updating consists in fetching metadata
+about the latest binary artifacts available—and is largely
+inapplicable in the context of Guix. Deployment tools that more closely
+resemble Guix, from Nix to Portage and BSD Ports ,(ref :bib
+'(dolstra2004:nix brew2022:github condaforge2022:web
+freebsd2022:handbook pkgsrc2022:guide gentoo2022:portage-security)),
+either lack secure update mechanisms or suffer from shortcomings.])
+
+;; (p [More generally, contrary to recent work on supply chain
+;; security that revolves around ,(emph [attestation]) of the various
+;; supply chain links ,(ref :bib '(torresarias2019:intoto google2021:slsa
+;; sigstore2021:web)), Guix takes a radical approach to support ,(emph
+;; [independent verification]).])
+
+ (p [We describe the design and implementation of Guix’s
secure update mechanism. ,(numref :text [Section] :ident "background")
gives background information necessary to understand the overall
-deployment model of Guix. ,(numref :text [Section] :ident "rationale")
+deployment model of Guix, showing how it supports ,(emph [independent
+verification]) of key links of the software supply chain.
+,(numref :text [Section] :ident "rationale")
presents our goals and threat model for the design of secure updates.
,(numref :text [Section] :ident "authenticating") describes our design
of a Git checkout authentication mechanism and ,(numref :text [Section]
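Review bot: The roadmap sentence now says the Background section shows how Guix "supports ,(emph [independent verification])", but in the lines shown the only text that introduces that term, the paragraph contrasting it with attestation-based approaches, is added commented out (the ";; (p [More generally, ..." block), so a reader meets the term in the roadmap with nothing defining it. Either enable that paragraph or delete the commented block and define the term where the roadmap uses it; if the block stays disabled, add a comment saying why. Separately, the citation list after "from Nix to Portage and BSD Ports" carries keys such as brew2022:github and condaforge2022:web for tools the sentence does not name, so consider naming them in the text or trimming the keys, since the claim that these tools "either lack secure update mechanisms or suffer from shortcomings" should be attributable tool by tool.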
@@ -270,7 +293,7 @@ and report on our experience. Last, ,(numref :text
[Section]
(chapter :title [Background] :ident "background"
- (p [Users of free operating systems such as GNU/Linux are used to
+ (p [Users of free operating systems such as GNU/Linux are familiar with
,(emph [package managers]) like Debian's ,(tt [apt]), which allow them
to install, upgrade, and remove software from a large collection of free
software packages. GNU Guix,(footnote (url "https://guix.gnu.org")) is
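Review bot: The commit log lists only (Introduction), but the "used to" to "familiar with" replacement in this hunk sits under (chapter :title [Background] ...), so the log does not cover it. Add a (Background) entry to the log, or move this wording tweak to a separate proof-reading commit so the history for the prior-work change stays focused.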