Webhook-based cloud native trusted measurement method and system, and storage medium
Main authors: | , , , , , , , , , , , , |
---|---|
Format: | Patent |
Language: | chi ; eng |
Subjects: | |
Online access: | Order full text |
Summary: | The invention discloses a webhook-based cloud native trusted measurement method and system, and a storage medium, in the technical field of cloud security. A trusted measurement admission controller is dynamically deployed in a Kubernetes cluster, and the method comprises the following steps: obtaining all image deployment requests from a Kube interface service; obtaining a trusted measurement reference value matched with the image deployment request from a trusted reference value security release and verification service; and verifying whether the image requested to be deployed in the image deployment request is trusted by using the trusted measurement reference value, and if so, allowing the image deployment request. According to the method, a trusted measurement mechanism is added in Kubernetes for the first time; the method has the advantages of being high in universality, good in compatibility, high in flexibility and the like, cloud native trusted measurement can be achi |
---|