A Kubernetes CI/CD Pipeline with Asylo as a Trusted Execution Environment Abstraction Framework | IEEE Conference Publication | IEEE Xplore

A Kubernetes CI/CD Pipeline with Asylo as a Trusted Execution Environment Abstraction Framework


Abstract:

Modern commercial software development organizations frequently subscribe to a development and deployment pattern for releases known as continuous integration / continuous deployment (CI/CD). Kubernetes, a cluster-based distributed application platform, is often used to implement this pattern. While the abstract concept is fairly well understood, CI/CD implementations vary widely. Resources are scattered across on-premises and cloud-based services, and systems may not be fully automated. Additionally, while a development pipeline may aim to ensure the security of the finished artifact, that artifact may not be protected from outside observers or cloud providers during execution. This paper describes a complete CI/CD pipeline running on Kubernetes that addresses four gaps in existing implementations. First, the pipeline supports strong separation of duties, partitioning development, security, and operations (i.e., DevSecOps) roles. Second, automation reduces the need for a human interface. Third, resources are scoped to a Kubernetes cluster for portability across environments (e.g., public cloud providers). Fourth, deployment artifacts are secured with Asylo, a development framework for trusted execution environments (TEEs).
Date of Conference: 27-30 January 2021
Date Added to IEEE Xplore: 17 March 2021
Conference Location: NV, USA
