Fortifying Microservice Security with SPIRE and OPA - Ash Nakar

Microservice architecture, although beneficial, brings with it unique security challenges around authentication and authorization, which become more acute due to the diverse nature of microservice environments.
How do we reliably authenticate and authorize interactions between 10s, 100s, or even 1000s of services at scale while handling 1000 API calls per second?
SPIRE solves authentication by creating an identity plane across varied infrastructure over which cryptographically verifiable identities such as JWTs are delivered securely to workloads. OPA provides a policy engine that can be used to enforce fine-grained authorization policies across the stack.
We will show how SPIRE-issued JWT SVID claims, created using SPIRE’s OIDC Federation, can be used by OPA to enforce service-to-service and end-user access control in microservice environments without compromising on speed and availability.