Increasing trust in the open source supply chain with reproducible builds and functional package management
Functional package managers (FPMs) and reproducible builds (R-B) are technologies and methodologies that differ conceptually from the traditional software deployment model and that have promising properties for software supply chain security. This thesis aims to evaluate the impact of FPMs and R-B on the security of the software supply chain and to propose improvements to the FPM model that further increase trust in the open source supply chain.
Julien Malka is a PhD student in software supply chain security at Télécom Paris, Institut Polytechnique de Paris. His research interests focus on software supply chain security, functional package managers and reproducible builds, but cover more widely cybersecurity and type theory topics. He is also a NixOS developer in his free time.
Tue 16 Apr (displayed time zone: Lisbon)

14:00 - 15:30 | Focus Group: Software Security, Doctoral Symposium, at Fernando Pessoa
Chair(s): Laurie Williams, North Carolina State University

14:00, 90 min, Poster: Sustainable Adaptive Security (Doctoral Symposium). Kushal Ramkumar, Lero@University College Dublin.
14:00, 90 min, Poster: A software security evaluation framework (Doctoral Symposium). Arina Kudriavtseva, Leiden University.
14:00, 90 min, Poster: Increasing trust in the open source supply chain with reproducible builds and functional package management (Doctoral Symposium). Julien Malka, LTCI, Télécom Paris, Institut Polytechnique de Paris, France. Pre-print available.
14:00, 90 min, Poster: Studying and Improving Software License Compliance in Practice (Doctoral Symposium). Nathan Wintersgill, William & Mary.