CNCF TAG-Security announced version 2 of the Security White Paper
and that broke the links to version 1.
Fix the links and move to v2 of the white paper.
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
Add an introduction to Trust Model (Part of Issue #28).
Include references and links to prior art
Follow-on Pull Requests will include sections corresponding to orthogonal ways of considering cloud native approaches relevant to the trust model
Specifically including
- Personas
- Lifecycle
- Trusted Execution Boundary Location
- Secured v unsecured TEE Base Image
Signed-off-by: James Magowan <magowan@uk.ibm.com>
- In the operator documentation,
  - use the CCv0 demo image as payload,
  - reference the SSH demo.
- In the SSH demo documentation,
  - use the `kata-cc` runtime,
  - reference the operator demo.
Signed-off-by: Jakob Naucke <jakob.naucke@ibm.com>
This recording demonstrates the ease of deploying a confidential
container and its confidentiality through a memory check.
Signed-off-by: Jakob Naucke <jakob.naucke@ibm.com>
There is now a public container image for the SSH demo with publicised
keys. Add the respective references.
Signed-off-by: Jakob Naucke <jakob.naucke@ibm.com>
Add basic documentation, Dockerfile, k8s and sandbox config for a demo
pod with SSH public key authentication.
Documentation on encrypting and running the image is omitted as of now,
for this is a more general topic which will require separate attention.
Signed-off-by: Jakob Naucke <jakob.naucke@ibm.com>
Remove kata runtime guidance and backporting sections that focus
on kata 1.1 vs 2.0 repo organization.
Update go-lang guidance to remove kata specifics.
Signed-off-by: Dan Middleton <dan.middleton@intel.com>
Formatting fixes and update kata references to Confidential Containers.
Entire sections that may be kata specific will be removed in a separate commit for clarity.
Signed-off-by: Dan Middleton <dan.middleton@intel.com>
* Format markdown
Set column width to 100 characters to facilitate future PR reviews.
Signed-off-by: Dan Middleton <dan.middleton@intel.com>
* Add container isolation to Overview
Reflect community discussions from October 2021 recognizing prior work
with container isolation and future work to comprehensively address
the scope implied by Confidential Containers.
Signed-off-by: Dan Middleton <dan.middleton@intel.com>