Loading…
Bengaluru, India
February 17, 2020

Click Here for More Information & Registration
Simple
Expanded
Grid
By Venue
Advanced Sessions [clear filter]
Monday, February 17
 

14:45 IST

Securing Container Image Root File System on the Kubernetes Worker Nodes  - Harshal Patil & Pradipta Banerjee, IBM
The upcoming Memory Protection & Encryption capabilities in the hardware conceal the workload running in the cloud system such that, even the root of the system won't be able to read the memory pages used by the workload.


This is a continuation of our efforts to bring the advancements in Memory Protection and Encryption to the container workloads. In KubeCon Barcelona 2019 (https://sched.co/MPdQ) we spoke about protecting ephemeral volumes while in KubeCon China 2019 (https://sched.co/NrpO) we introduced encryption in container images. Taking this forward, in this presentation along with the demo, we will talk about the ideas around protecting container rootfs from malicious host administrators. Container images are extracted on the host by the containerd, but in order to take full advantage of the Memory Encryption, we need to change the way container images are pulled on the host.
Speakers
HP

Harshal Patil

Advisory Systems Software Engineer, IBM
Harshal is an Open Source developer working on Kubernetes and Runtimes. At IBM Power Systems, he designs and implements container architectures focused on security that take advantage of Power's unique hardware features. In the container ecosystem, Harshal’s contributions span from... Read More →
avatar for Pradipta Banerjee

Pradipta Banerjee

Senior Tech Staff Member, IBM
Pradipta is a Senior Technical Staff Member in IBM Systems, where he leads cloud-native platform initiatives and works with customers to help them with their digital transformation journey. He comes with an extensive infrastructure and cloud background and has worked on many first... Read More →

Presentation pdf
Monday February 17, 2020 14:45 - 15:10 IST
Royals
  Advanced Sessions, Security, Identity & Policy (includes Notary, OPA, TUF, & SPIFFE/SPIRE)
 
Filter sessions
Apply filters to sessions.
Monday, February 17
Legacy
Royals
Royals Foyer
Tent
  • Advanced Sessions
  • Beginner Sessions
  • Breaks + Meals
  • Keynote Sessions
  • Registration + Badge Pick-up
  • Sponsor Showcase
  • Popular