OmniBOR: A System for Automatic, Verifiable Artifact Resolution across Software Supply Chains | allinfosecnews.com

Feb. 15, 2024, 5:10 a.m. | Bharathi Seshadri, Yongkui Han, Chris Olson, David Pollak, Vojislav Tomasevic

cs.CR updates on arXiv.org arxiv.org

arXiv:2402.08980v1 Announce Type: cross
Abstract: Software supply chain attacks, which exploit the build process or artifacts used in the process of building a software product, are increasingly of concern. To combat these attacks, one must be able to check that every artifact that a software product depends on does not contain vulnerabilities. In this paper, we introduce OmniBOR, (Universal Bill of Receipts) a minimalistic scheme for build tools to create an artifact dependency graph which can be used to track …

artifact artifacts arxiv attacks automatic build building check cs.cr cs.se exploit process product resolution software software supply chain software supply chain attacks software supply chains supply supply chain supply chain attacks supply chains system

More from arxiv.org / cs.CR updates on arXiv.org

Dihedral Quantum Codes 2 days, 7 hours ago | arxiv.org

arxiv block class code +9

A Privacy Preserving System for Movie Recommendations Using Federated Learning 2 days, 7 hours ago | arxiv.org

arxiv businesses cs.cr cs.ir +20

VulLibGen: Identifying Vulnerable Third-Party Libraries via Generative Pre-Trained Model 2 days, 7 hours ago | arxiv.org

accelerate advisory arxiv cs.cr +24

Simultaneous Haar Indistinguishability with Applications to Unclonable Cryptography 2 days, 7 hours ago | arxiv.org

applications arxiv build cloning +11

SoK: Prudent Evaluation Practices for Fuzzing 2 days, 7 hours ago | arxiv.org

afl arxiv bugs concept +13

The Effect of Quantization in Federated Learning: A R\'enyi Differential Privacy Perspective 2 days, 7 hours ago | arxiv.org

arxiv can cs.cr cs.dc +15

Unveiling the Potential: Harnessing Deep Metric Learning to Circumvent Video Streaming Encryption 2 days, 7 hours ago | arxiv.org

arxiv attacks body cs.ai +16

SecureLLM: Using Compositionality to Build Provably Secure Language Models for Private, Sensitive, and Secret Data 2 days, 7 hours ago | arxiv.org

access arxiv back build +15

IBD-PSC: Input-level Backdoor Detection via Parameter-oriented Scaling Consistency 2 days, 7 hours ago | arxiv.org

adversaries arxiv attacks backdoor +22

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Technical Support Specialist (Cyber Security)

@ Sigma Software | Warsaw, Poland

View on infosec-jobs.com

OT Security Specialist

@ Adani Group | AHMEDABAD, GUJARAT, India

View on infosec-jobs.com

FS-EGRC-Manager-Cloud Security

@ EY | Bengaluru, KA, IN, 560048

View on infosec-jobs.com