Conference Papers, Year: 2024

Increasing Trust in the Open Source Supply Chain with Reproducible Builds and Functional Package Management

Abstract

Functional package managers (FPMs) and reproducible builds (R-B) are technologies and methodologies that are conceptually very different from the traditional software deployment model, and that have promising properties for software supply chain security. This thesis aims to evaluate the impact of FPMs and R-B on the security of the software supply chain and to propose improvements to the FPM model to further improve trust in the open source supply chain.
Origin: Files produced by the author(s)

Dates and versions

hal-04482192, version 1 (28-02-2024)

Cite

Julien Malka. Increasing Trust in the Open Source Supply Chain with Reproducible Builds and Functional Package Management. 46th International Conference on Software Engineering (ICSE 2024) - Doctoral Symposium (DS) Track, Apr 2024, Lisbon, Portugal. ⟨10.1145/3639478.3639806⟩. ⟨hal-04482192⟩