Skip to content

torsec/k8s-pod-attestation

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

279 Commits
cluster-config
cluster-config
 
 
cmd
cmd
 
 
images
images
 
 
k8s-attestation-chart
k8s-attestation-chart
 
 
patch
patch
 
 
pkg
pkg
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 

Repository files navigation

Kubernetes Pods Remote Attestation

Overview

This project implements a Remote Attestation architecture integrated within Kubernetes-orchestrated clusters. It relies on hardware-based integrity verification and trust validation of pods running in the cluster by leveraging TPM-protected measurements and authenticated attestation proofs.

The goal is to ensure that workloads are executed on trusted worker nodes and that containerized applications maintain a verifiable chain of integrity throughout their lifecycle.

Reference

@article{k8s_pod_attestation,
  author       = {Francesco Zaritto and
                  Enrico Bravi and
                  Silvia Sisinni and
                  Antonio Lioy},
  title        = {Extending Kubernetes for Pods Integrity Verification},
  journal      = {Journal of Network and Systems Management},
  volume       = {34},
  number       = {1},
  pages        = {14},
  year         = {2026},
  url          = {https://doi.org/10.1007/s10922-025-09988-z},
  doi          = {10.1007/S10922-025-09988-Z}
}

Design

architecture-overview

About

Kubernetes integration of a Pod Remote Attestation architecture

Topics

kubernetes pod tpm2 remote-attestation

Resources

Readme
Activity
Custom properties

Stars

2 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages