logo

Attacking & Defending Kubernetes TEE Enclaves in Critical Infrastructure

2022-05-20

Authors:   Robert Ficcaglia


Summary

The presentation discusses the challenges and considerations in implementing trusted computing in a Kubernetes environment.
  • Trusted computing is not a silver bullet and requires careful consideration of the attack surface and minimizing it
  • Enclaves have shortcomings and are susceptible to side channel attacks
  • Compliance with government standards such as NIST can be achieved with enclaves
  • Hardware components are susceptible to tampering and must be carefully evaluated
  • Kubernetes can use trusted computing at the container level, but the control plane should be constrained to minimize attack surface
The presenter notes that startups have found a majority of components on a board to be fakes, indicating the need for careful evaluation of hardware components.

Abstract

Trusted Execution Environments (TEE)s are a feature of Intel, AMD, ARM and other chip platforms, widely available on public clouds for high security infrastructure. Kubernetes can be deployed with TEE enclaves to create a Trusted Computing Base (TCB) which can cryptographically protect the compute and memory environment for the Kubernetes control plane, data flows, and CI/CD pipelines on-chip. This greatly reduces the attack "surface area" and reduces 3rd party supply chain risks. The session will examine detailed Kubernetes threat models for critical infrastructure and demonstrate how to attack and defend Kubernetes workloads in the context of TEEs. Attendees will learn how to use enclaves to protect the integrity of container images used for workloads, deploy TEE-based Pods,.examine development and operational challenges with TEE usage, and explore compliance benefits including specific policy and control mappings for GDPR, CCPA, PCI, HIPAA and NIST 800-53.Click here to view captioning/translation in the MeetingPlay platform!

Materials: