Zero Trust in the Cloud with WebAssembly and WasmCloud

Authors:   Kevin Hoffman


Securing code running in the cloud has been a difficult problem to solve since before we called it "the cloud". With the advent of WebAssembly, we can leverage the intrinsic security and sandbox isolation offered by WebAssembly modules. Then we can layer on top cryptographic signatures and the verifiable capability model from wasmCloud to deploy secure, untrusted code and have total confidence in the security of applications built this way. In this session, we'll take a look at how WebAssembly itself adds multiple levels of security to traditional cloud computing with containers and microservices. Then we'll cover demonstrations of multiple levels of security enabled by wasmCloud.



Post a comment

Related work

Authors: Taylor Thomas, Brooks Townsend

Conference:  Defcon 31
Authors: Bill Demirkapi Microsoft Security Response Center