菜单
技术

Binary attestation

NOT ON THE CURRENT EDITION
This blip is not on the current edition of the radar. If it was on one of the last few editions it is likely that it is still relevant. If the blip is older it might no longer be relevant and our assessment might be different today. Unfortunately, we simply don't have the bandwidth to continuously review blips from previous editions of the radarUnderstand more
Nov 2019
试验?

随着容器的广泛使用,由自治团队部署大型服务并以越来越快的速度持续交付,在许多组织已变成一种通用实践,这也导致对自动部署时软件安全控制的需求增多。二进制鉴证就是一项实现部署时安全控制的技术,用密码学技术验证部署用的二进制镜像。使用这项技术,一个签证人,一个自动构建流程,或者一个安全小组可以签发已经通过安全检查、测试,并得到授权的待部署镜像。支持在部署前创建证明和验证镜像签名的,除了GrafeasGCP Binary Authorization服务,还有in-totoDocker Notary这样的工具。