10‎ > ‎t‎ > ‎

1

security
  • Vectra raises $36M for its AI-based approach to cybersecurity intrusion detection

    Vectra raises $36M for its AI-based approach to cybersecurity intrusion detection

  • Zelle users are finding out the hard way there’s no fraud protection

    Zelle users are finding out the hard way there’s no fraud protection

  • Chrome will soon mark all unencrypted pages as ‘not secure’

    Chrome will soon mark all unencrypted pages as ‘not secure’

  • Browse more...

cloud native
  • Red Hat acquires CoreOS for $250 million in Kubernetes expansion

    Red Hat acquires CoreOS for $250 million in Kubernetes expansion

  • Microsoft’s new Azure Container Instances make using containers fast and easy

    Microsoft’s new Azure Container Instances make using containers fast and easy

  • Cloud Foundry makes its mark on the enterprise

    Cloud Foundry makes its mark on the enterprise

  • Browse more...

linux foundation
  • Hyperledger releases Hyperledger Sawtooth 1.0, its second distributed ledger project

    Hyperledger releases Hyperledger Sawtooth 1.0, its second distributed ledger project

  • AT&T and Tech Mahindra launch open source AI project

    AT&T and Tech Mahindra launch open source AI project

  • IBM unveils Blockchain as a Service based on open source Hyperledger Fabric technology

    IBM unveils Blockchain as a Service based on open source Hyperledger Fabric technology

  • Browse more...

open source
  • Feature Labs launches out of MIT to accelerate the development of machine learning algorithms

    Feature Labs launches out of MIT to accelerate the development of machine learning algorithms

  • Chef InSpec 2.0 helps automate security compliance in cloud apps

    Chef InSpec 2.0 helps automate security compliance in cloud apps

  • InfluxData scores $35 million Series C to expand time series database business

    InfluxData scores $35 million Series C to expand time series database business

  • Browse more...

cncf

The Cloud Native Computing Foundation adds two security projects to its open source stable

Posted Oct 24, 2017 by Frederic Lardinois (@fredericl)
  • 0

    SHARES
Next Story

Blickfeld scores $4.25M seed round to let autonomous vehicles ‘see’

The Cloud Native Computing Foundation (CNCF) is probably best known for being the home of the Kubernetes container orchestration project, but there plenty of other projects that now fall under the organization’s umbrella. All of them focus on bringing the kind of modern cloud-native tooling that companies like Google, Microsoft, Facebook and others take for granted to a wider range of users.

Today, the CNCF is expanding its stable with the addition of the Docker-incubated Notary and The Update Framework (TUF), which was originally developed by professor Justin Cappos and his team at NYU’s Tandon School of engineering. These are actually related projects. Notary, which can provide a layer of trust to any content, is actually an implementation of the TUF.

The main idea behind all of this is that simply using the TLS protocol to secure the communication between a web server and client isn’t enough, as the server itself may have been hacked. So if you, for example, want to distribute Docker containers and guarantee that these haven’t been compromised, the Notary/TUF client and server applications handle the signing of the metadata and provides you with an additional layer of trust.

“In a developer’s workflow, security can often be an afterthought; however, every piece of
deployed code from the OS to the application should be signed. Notary establishes strong trust
guarantees to prevent malicious content from being injected into the workflow processes,” said
David Lawrence, Senior Software Engineer at Docker. “Notary is a widely used implementation
in the container space. By joining CNCF, we hope Notary will be more widely adopted and
different use cases will emerge.”

Docker uses this to implement its Docker Content Trust system, for example, while LinuxKit uses it to distribute its kernels and system packages. The automotive industry is also looking into a variant of TUF called Uptane to secure the code that runs inside modern cars.

If you want to dig a little bit deeper into how Notary/TUF works, Docker’s documentation probably offers the best introduction.

“Notary and the TUF specification address a key challenge for enterprises working with containers by providing a solution for trusted, cross-platform delivery of content,” writes Chris Aniszczyk, COO of the CNCF, in today’s announcement. “We are excited to have these projects come in as one collective contribution to CNCF and look forward to cultivating their communities.”

The Docker Platform (including the Enterprise and Community editions), Moby Project, Huawei,
Motorola Solutions, VMWare, LinuxKit, Quay and Kubernetes have all integrated Notary/TUF already, so these are clearly projects that should fit in well with the rest of the CNCF tools.

With the addition of Notary and TUF, the CNCF is now home to fourteen projects.

Featured Image: Jeffrey Coolidge/Getty Images
  • 0

    SHARES
Advertisement Advertisement

Crunchbase

  • Cloud Native Computing Foundation (CNCF)

    • Founded 2015
    • Overview Cloud native computing uses an open source software stack to deploy applications as microservices, packaging each part into its own container, and dynamically orchestrating those containers to optimize resource utilization. The Cloud Native Computing Foundation (CNCF) hosts critical components of cloud native software stacks, including Kubernetes and Prometheus. CNCF serves as the neutral home for …
    • Location San Francisco, California
    • Categories Cloud Infrastructure, Cloud Computing, Non Profit, Open Source
    • Website https://www.cncf.io/
    • Full profile for Cloud Native Computing Foundation (CNCF)

Newsletter Subscriptions

Latest Crunch Report

  • The Last Episode Of | Crunch Report

    The Last Episode Of | Crunch Report

Watch More Episodes
  • security
  • cloud native
  • linux foundation
  • open source
  • cncf
  • Popular Posts

    #auto

    Subpages (1): 5
    Comments