Contents

Con­fi­den­tial Kubernetes

Back­ground

Secu­ri­ty con­cerns remain the num­ber one chal­lenge for adopt­ing and run­ning con­tainer­ized appli­ca­tions in Kuber­netes. Red Hat’s State of Kuber­netes Secu­ri­ty Report, which ana­lyzed sur­vey data from over 500 IT and secu­ri­ty deci­sion-mak­ers, dis­cov­ered a sim­i­lar trend. The report revealed that 59% of respon­dents are most wor­ried about unad­dressed secu­ri­ty and com­pli­ance needs or threats to containers.

Chal­lenge

Some of the most com­mon issues found on Kuber­netes are:

  • Con­tain­er Escapes & Priv­i­lege Esca­la­tion. Mali­cious play­ers can lever­age a con­tainer­ized application’s vul­ner­a­bil­i­ties to breach its iso­la­tion bound­ary, gain­ing access to the host system’s resources.
  • Improp­er Secret Man­age­ment. Pret­ty much any appli­ca­tion you build is bound to store sen­si­tive data of some kind, whether it is the orga­ni­za­tion’s or the user’s. These secrets are often the only thing stand­ing between an attack­er and com­plete access to your inter­nal systems.
  • Com­pro­mised Con­tain­er Images and Reg­istries.  Plen­ty of organ­i­sa­tions use open-source base images when build­ing their own con­tain­er images. These can’t be blind­ly trust­ed, as they might con­tain vul­ner­a­bil­i­ties or secu­ri­ty mis­con­fig­u­ra­tions, and in some cas­es, even hid­den mal­ware that could crip­ple the build.

Solu­tion: K8s with Con­fi­den­tial Containers

enclaive’s Con­fi­den­tial Con­tain­er comes with a series of inbuilt fea­tures to address the above chal­lenges, that can harm the secu­ri­ty of Kuber­netes clusters.
  • Data in Use Encryp­tion. Every con­tain­er shields appli­ca­tions and data dur­ing exe­cu­tion. In the light of a con­tain­er escape, the attack­er may esca­late priv­i­leges and gain root access to the under­ly­ing sys­tem. Nev­er­the­less, with access to the host sys­tem, the attack­er can­not extract valu­able data and secrets from the oth­er con­tain­ers. The rea­son is con­fi­den­tial con­tain­ers are through­out their exe­cu­tion ful­ly mem­o­ry encrypt­ed and pro­tect­ed. Dump­ing the mem­o­ry gives cipher­texts only. Attempts of alter­ing the mem­o­ry or file sys­tem are detect­ed through cryp­to­graph­ic integri­ty protection.
  • Con­tain­er Secret Key Pro­vi­sion­ing.  Secrets like envi­ron­ment vari­ables, files, pass­words, or cryp­to­graph­ic keys are nev­er stored in a con­fi­den­tial con­tain­er. A key man­age­ment ser­vice (KMS) pro­vi­sions the secrets into the con­fi­den­tial con­tain­er through a TLS-like pro­to­col. The KMS ver­i­fies the authen­tic­i­ty of the con­tain­ers and makes sure, only the right con­fi­den­tial con­tain­ers obtain the secrets.
  • Con­tain­er Authen­ti­ca­tion & Attes­ta­tion. Con­fi­den­tial Con­tain­ers have a cryp­to­graph­ic iden­ti­ty. The author­ship is ver­i­fi­able, allow­ing the imple­men­ta­tion of fin­er-grained white-label­ing mech­a­nisms as well as proac­tive user pro­tec­tion: Remote attes­ta­tion allows for on-the-fly scan­ning of out­dat­ed or vul­ner­a­ble con­tain­ers in use based on their cryp­to­graph­ic identity. 

Rec­om­mend­ed Con­fi­den­tial Containers

enclaive offers a large port­fo­lio of Con­fi­den­tial con­tain­ers to shield Kuber­netes clus­ters against the above-men­tioned attack vec­tors. Promi­nent exam­ples include 
arangodb-sgx
ArangoDB
mysql-sgx
Mari­aDB
mongodb-sgx
Mon­goDB
redis-sgx
Redis
nodejs-sgx
Node­js
python-sgx
Python
rust-sgx
Rust
go-sgx
Go
php-sgx
PHP
ruby-sgx
Ruby
java-sgx
Java
c-sgx
C
cplusplus-sgx
C++
csharp-sgx
C#
mosquitto-sgx
Mosquit­to
nginx-sgx
Nginx
wordpress-sgx
Word­Press
umami-sgx
Uma­mi
 

Contact us

Cookie Consent with Real Cookie Banner