Arm and VMware are bringing three powerful CNCF projects (SPIFFE, SPIRE and PARSEC) together to demonstrate how cloud-native workloads can access the best hardware security facilities of any platform in a way that is portable, convenient to consume, and which scales to multiple workloads.
SPIFFE, the Secure Production Identity Framework For Everyone, alongside its production grade implementation project SPIRE, are both now incubation projects within CNCF. These mature projects provide the Application IDs which can be leveraged by services to positively identify workloads running in edge devices.
PARSEC, the Platform Abstraction for Security project is a simple and portable way to access platform facilities for key management and cryptography on any hardware with any programming language. But Parsec is much more than just an API shim. It also provides key management and access control based on the identities of workloads, keeping their secure assets separate.
At the Cloud Native Security day, North America on November 17, Andres Vega (VMware) and Paul Howard (Arm) will host a lightning talk where they will show how Parsec can be combined with SPIFFE and SPIRE to provide a key management service based on attested workload identities. The demo will highlight hardware backed security for multi-tenancy at the edge in a simple and secure way by using SPIFFE IDs as namespaces in the PARSEC service.
Sign up for the session here: https://sched.co/fJAk
Register for the Event