Hardware Backed Security For Multitenancy at the Edge with SPIFFE & PARSEC - Paul Howard, Arm & Andres Vega, VMware

less than 1 minute read

Abstract

Three powerful CNCF projects come together in this session, which focuses on how cloud-native workloads can access the best hardware security facilities of any platform in a way that is portable, convenient to consume, and which scales to multiple workloads. SPIFFE, the Secure Production Identity Framework for Everyone, alongside its production-grade implementation project SPIRE, are both now incubation projects within CNCF. Parsec (CNCF sandbox) is the Platform Abstraction for Security: a simple and portable way to access platform facilities for key management and cryptography on any hardware in any programming language. But Parsec is so much more than just an API shim. It also provides key management and access control based on the identities of workloads, keeping their secure assets separate. This session will show how Parsec can be combined with SPIFFE and SPIRE to provide a key management service based on attested workload identities,

Sched URL

Video

Twitter Facebook LinkedIn

About

Conferences

Hardware Backed Security For Multitenancy at the Edge with SPIFFE & PARSEC - Paul Howard, Arm & Andres Vega, VMware

Abstract

Video

You May Also Enjoy

You Shall Not Pass! Unless You Are GUAC Verified…. - Parth Patel, Kusari & Dejan Bosanac, Red Hat

Living off the Land Techniques in Managed Kubernetes Clusters - Ronen Shustin & Shay Berkovich, Wiz

Leveraging OCI 1.1 for Enhanced SBOM Integration and Vulnerability Scanning in Harbor - Anais Urlichs, Aqua Security & Shengwen Yu, VMware

Lessons Learned from Generating 100M SBOMs: Google’s Approach to SBOM Compliance - Brandon Lum & Isaac Hepworth, Google