github/confidential-containers
1
0
Fork 0
mirror of https://github.com/confidential-containers/confidential-containers.git synced 2025-04-27 19:15:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

docs: fix broken links

Browse Source 
The links checker reported that the Cloud Native whitepaper
links are broken.

Update to their new URLs with permalinks.

Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
This commit is contained in:
Mikko Ylinen 2024-08-23 16:52:52 +03:00 committed by Dan
parent ee6300b5b5
commit 7707096004
2 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
trust_model.md
View File

@ -37,7 +37,7 @@ Further documentation will highlight specific [threat vectors](./threats_overvie
considering risk, considering risk,
impact, mitigation etc as the project progresses. The Security Assurance section, Page 31, of impact, mitigation etc as the project progresses. The Security Assurance section, Page 31, of
Cloud Native Computing Foundation (CNCF) Cloud Native Computing Foundation (CNCF)
[Cloud Native Security Paper](https://github.com/cncf/tag-security/blob/main/security-whitepaper/v2/CNCF_cloud-native-security-whitepaper-May2022-v2.pdf) [Cloud Native Security Paper](https://github.com/cncf/tag-security/blob/3e57e7c472f7053c693292281419ab926155fe2d/community/resources/security-whitepaper/v2/CNCF_cloud-native-security-whitepaper-May2022-v2.pdf)
will guide this more detailed threat vector effort. will guide this more detailed threat vector effort.
### Related Prior Effort ### Related Prior Effort
@ -51,7 +51,7 @@ For example:
"[A Technical Analysis of Confidential Computing](https://confidentialcomputing.io/wp-content/uploads/sites/10/2023/03/CCC-A-Technical-Analysis-of-Confidential-Computing-v1.3_unlocked.pdf)" "[A Technical Analysis of Confidential Computing](https://confidentialcomputing.io/wp-content/uploads/sites/10/2023/03/CCC-A-Technical-Analysis-of-Confidential-Computing-v1.3_unlocked.pdf)"
section 5 of which defines the threat model for confidential computing. section 5 of which defines the threat model for confidential computing.
- CNCF Security Technical Advisory Group published - CNCF Security Technical Advisory Group published
"[Cloud Native Security Whitepaper](https://github.com/cncf/tag-security/blob/main/security-whitepaper/v2/CNCF_cloud-native-security-whitepaper-May2022-v2.pdf)" "[Cloud Native Security Whitepaper](https://github.com/cncf/tag-security/blob/3e57e7c472f7053c693292281419ab926155fe2d/community/resources/security-whitepaper/v2/CNCF_cloud-native-security-whitepaper-May2022-v2.pdf)"
- Kubernetes provides documentation : - Kubernetes provides documentation :
"[Overview of Cloud Native Security](https://kubernetes.io/docs/concepts/security/overview/)" "[Overview of Cloud Native Security](https://kubernetes.io/docs/concepts/security/overview/)"
- Open Web Application Security Project - - Open Web Application Security Project -

6
trust_model_personas.md
View File

@ -5,7 +5,7 @@ Otherwise referred to as actors or agents, these are individuals or groups capab
carrying out a particular threat. carrying out a particular threat.
In identifying personas we consider : In identifying personas we consider :
- The Runtime Environment, Figure 5, Page 19 of CNCF - The Runtime Environment, Figure 5, Page 19 of CNCF
[Cloud Native Security Paper](https://github.com/cncf/tag-security/blob/main/security-whitepaper/v2/CNCF_cloud-native-security-whitepaper-May2022-v2.pdf). [Cloud Native Security Paper](https://github.com/cncf/tag-security/blob/3e57e7c472f7053c693292281419ab926155fe2d/community/resources/security-whitepaper/v2/CNCF_cloud-native-security-whitepaper-May2022-v2.pdf).
This highlights three layers, Cloud/Environment, Workload Orchestration, Application. This highlights three layers, Cloud/Environment, Workload Orchestration, Application.
- The Kubernetes - The Kubernetes
[Overview of Cloud Native Security](https://kubernetes.io/docs/concepts/security/overview/) [Overview of Cloud Native Security](https://kubernetes.io/docs/concepts/security/overview/)
@ -19,7 +19,7 @@ In identifying personas we consider :
In considering personas we recognise that a trust boundary exists between each persona and we In considering personas we recognise that a trust boundary exists between each persona and we
explore how the least privilege principle (as described on Page 40 of explore how the least privilege principle (as described on Page 40 of
[Cloud Native Security Paper](https://github.com/cncf/tag-security/blob/main/security-whitepaper/v2/CNCF_cloud-native-security-whitepaper-May2022-v2.pdf) [Cloud Native Security Paper](https://github.com/cncf/tag-security/blob/3e57e7c472f7053c693292281419ab926155fe2d/community/resources/security-whitepaper/v2/CNCF_cloud-native-security-whitepaper-May2022-v2.pdf)
) should apply to any actions which cross these boundaries. ) should apply to any actions which cross these boundaries.
Confidential containers can provide enhancements to ensure that the expected code/containers Confidential containers can provide enhancements to ensure that the expected code/containers
@ -136,7 +136,7 @@ the images they need but also support the verification method they require. A k
relationship is the Workload Provider applying Supply Chain relationship is the Workload Provider applying Supply Chain
Security practices (as Security practices (as
described on Page 42 of described on Page 42 of
[Cloud Native Security Paper](https://github.com/cncf/tag-security/blob/main/security-whitepaper/v2/CNCF_cloud-native-security-whitepaper-May2022-v2.pdf) [Cloud Native Security Paper](https://github.com/cncf/tag-security/blob/3e57e7c472f7053c693292281419ab926155fe2d/community/resources/security-whitepaper/v2/CNCF_cloud-native-security-whitepaper-May2022-v2.pdf)
) when considering Container ) when considering Container
Image Providers. So the Container Image Provider must support the Workload Providers Image Providers. So the Container Image Provider must support the Workload Providers
ability to provide assurance to the Data Owner regarding integrity of the code. ability to provide assurance to the Data Owner regarding integrity of the code.