Runtime Attestation

Definition

Runtime attestation is a security process that verifies the integrity and authenticity of a system or application while it is executing. It involves generating and validating cryptographic proofs to ensure that the runtime environment has not been tampered with and is operating as expected. This helps detect unauthorized changes or malicious activity in real time, providing assurance that the system's state is trustworthy.
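
The generate-and-validate cycle described above, as an added Python example that is not part of the original page: an attester binds a measurement of its loaded components to a verifier-supplied nonce, and the verifier checks authenticity, freshness and integrity in turn. The HMAC key standing in for a hardware-protected attestation key, the function names and the sample file names are all assumptions made for illustration.

```python
import hashlib
import hmac
import json
import secrets

# Assumption: a shared HMAC key stands in for a hardware-protected attestation key.
ATTESTATION_KEY = secrets.token_bytes(32)


def measure(components: dict) -> str:
    """Fold each loaded component into one digest, in a fixed (sorted) order."""
    digest = hashlib.sha256()
    for name in sorted(components):
        digest.update(name.encode() + b"\0" + hashlib.sha256(components[name]).digest())
    return digest.hexdigest()


def attest(components: dict, nonce: str, key: bytes = ATTESTATION_KEY) -> dict:
    """Attester side: bind the current measurement to the verifier's nonce."""
    claims = {"measurement": measure(components), "nonce": nonce}
    payload = json.dumps(claims, sort_keys=True).encode()
    return {"claims": claims, "mac": hmac.new(key, payload, hashlib.sha256).hexdigest()}


def verify(evidence: dict, nonce: str, expected: str, key: bytes = ATTESTATION_KEY) -> str:
    """Verifier side: check authenticity, then freshness, then integrity."""
    payload = json.dumps(evidence["claims"], sort_keys=True).encode()
    good_mac = hmac.new(key, payload, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(good_mac, evidence["mac"]):
        return "rejected: evidence not authentic"
    if not hmac.compare_digest(evidence["claims"]["nonce"], nonce):
        return "rejected: stale or replayed evidence"
    if not hmac.compare_digest(evidence["claims"]["measurement"], expected):
        return "rejected: runtime state differs from reference"
    return "trusted"


# Constructed sample workload: file names and contents are made up.
BASELINE = {"/app/server": b"server-build-1", "/app/config.yaml": b"mode: strict\n"}
REFERENCE = measure(BASELINE)

if __name__ == "__main__":
    nonce = secrets.token_hex(16)  # fresh challenge issued by the verifier
    print(verify(attest(BASELINE, nonce), nonce, REFERENCE))
    tampered = dict(BASELINE, **{"/app/server": b"server-build-1-patched"})
    print(verify(attest(tampered, nonce), nonce, REFERENCE))
```

The nonce check is what separates runtime attestation from a one-time boot measurement: evidence captured while the workload was still clean cannot be replayed against a later challenge.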

Secure Settings Example

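apiVersion: policy/v1beta1  # PodSecurityPolicy's API group; the kind was removed in Kubernetes v1.25
kind: PodSecurityPolicy
metadata:
  name: runtime-attestation-policy
spec:
  allowPrivilegeEscalation: false  # a process cannot gain more privileges than its parent
  requiredDropCapabilities:
    - ALL  # drop every Linux capability
  readOnlyRootFilesystem: true  # container root filesystem cannot be modified at runtime
  runAsUser:
    rule: MustRunAsNonRoot  # reject containers that would run as UID 0
  seLinux:
    rule: RunAsAny
  attestation:  # illustrative block; not a field in the PodSecurityPolicy schema
    enabled: true
    provider: "trusted-provider"
    policy: "strict"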

Insecure Settings Example

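apiVersion: policy/v1beta1  # PodSecurityPolicy's API group; the kind was removed in Kubernetes v1.25
kind: PodSecurityPolicy
metadata:
  name: insecure-runtime-policy
spec:
  allowPrivilegeEscalation: true  # a process may gain more privileges than its parent
  requiredDropCapabilities: []  # no capabilities are dropped
  readOnlyRootFilesystem: false  # root filesystem is writable at runtime
  runAsUser:
    rule: RunAsAny  # containers may run as root
  seLinux:
    rule: RunAsAny
  attestation:  # illustrative block, not a PodSecurityPolicy field; attestation is switched off
    enabled: false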