Enable javascript in your browser for better experience. Need to know to enable it? Go here.
已发布 : Nov 20, 2019
Not on the current edition
This blip is not on the current edition of the Radar. If it was on one of the last few editions it is likely that it is still relevant. If the blip is older it might no longer be relevant and our assessment might be different today. Unfortunately, we simply don't have the bandwidth to continuously review blips from previous editions of the Radar Understand more
Nov 2019
试验 ? 值得一试。了解为何要构建这一能力是很重要的。企业应当在风险可控的前提下在项目中尝试应用此项技术。

随着容器的广泛使用,由自治团队部署大型服务并以越来越快的速度持续交付,在许多组织已变成一种通用实践,这也导致对自动部署时软件安全控制的需求增多。二进制鉴证就是一项实现部署时安全控制的技术,用密码学技术验证部署用的二进制镜像。使用这项技术,一个签证人,一个自动构建流程,或者一个安全小组可以签发已经通过安全检查、测试,并得到授权的待部署镜像。支持在部署前创建证明和验证镜像签名的,除了GrafeasGCP Binary Authorization服务,还有in-totoDocker Notary这样的工具。

Radar

下载第25期技术雷达

English | Español | Português | 中文

Radar

获取最新技术洞见

 

立即订阅

查看存档并阅读往期内容