You're reading from Learn Kubernetes Security Securely orchestrate, scale, and manage your microservices in Kubernetes deployments

Product type Paperback

Published in Jul 2020

Publisher Packt

ISBN-13 9781839216503

Length 330 pages

Edition 1st Edition

Languages

C++

Tools

Kubernetes

Concepts

Cloud Security

Authors (2):

Pranjal Jumde

Kaizhe Huang

View More author details

Table of Contents (19) Chapters

Preface

1. Section 1: Introduction to Kubernetes

2. Chapter 1: Kubernetes Architecture FREE CHAPTER

3. Chapter 2: Kubernetes Networking

4. Chapter 3: Threat Modeling

5. Chapter 4: Applying the Principle of Least Privilege in Kubernetes

6. Chapter 5: Configuring Kubernetes Security Boundaries

7. Section 2: Securing Kubernetes Deployments and Clusters

8. Chapter 6: Securing Cluster Components

9. Chapter 7: Authentication, Authorization, and Admission Control

10. Chapter 8: Securing Kubernetes Pods

11. Chapter 9: Image Scanning in DevOps Pipelines

12. Chapter 10: Real-Time Monitoring and Resource Management of a Kubernetes Cluster

13. Chapter 11: Defense in Depth

14. Section 3: Learning from Mistakes and Pitfalls

15. Chapter 12: Analyzing and Detecting Crypto-Mining Attacks

16. Chapter 13: Learning from Kubernetes CVEs

17. Assessments

18. Other Books You May Enjoy

Leave a review - let other readers know what you think

Security boundaries versus trust boundaries

Security boundary and trust boundary are often used as synonyms. Although similar, there is a subtle difference between these two terms. A trust boundary is where a system changes its level of trust. An execution trust boundary is where instructions need different privileges to run. For example, a database server executing code in /bin is an example of an execution crossing a trust boundary. Similarly, a data trust boundary is where data moves between entities with different trust levels. Data inserted by an end user into a trusted database is an example of data crossing a trust boundary.

Whereas a security boundary is a point of demarcation between different security domains, a security domain is a set of entities that are within the same access level. For example, in traditional web architecture, the user-facing applications are part of a security domain and the internal network is part of a different security domain. Security boundaries...