Chapter 2. Integrity
Integrity is a trait that can sometimes be overlooked. But if someone does what they say they’re going to do and lives according to their well-founded values, that’s a person who you’d be better off doing business with!
You might be wondering why I bring that up, since you’re here to make zero trust architecture (ZTA) work effectively with Kubernetes. Data with integrity is much like a person with integrity: it does what it says it will do and can be trusted to live according to its values. And that’s the type of data you’re better off doing business with!
Ultimately, you must ensure that the data stored by and transmitted through your Kubernetes application hasn’t been altered by malicious threat actors or by well-intentioned people making honest mistakes. Effectively encrypted and monitored access can prevent all the data within your Kubernetes system from being tampered with and therefore can protect its integrity. We’ll get to access encryption and monitoring in Chapters 6 and 7. For now, we’ll focus on how to verify the integrity of your data in your zero trust Kubernetes application system.
The NIST SP 800-53 standard requires cloud applications, such as your Kubernetes applications, to prevent the installation of any components that haven’t been digitally verified with a signed certificate that’s recognized by your organization. Certificates can be managed by your enterprise’s own certificate authority (CA) or by a CA your ...