CNCF Brings Security to the Cloud Native Stack with Notary, TUF Adoption

Oct 24th, 2017 12:01am

The Cloud Native Computing Foundation continues to vigorously build its portfolio of open source cloud-native technologies. CNCF’s Technical Oversight Committee voted to accept both the Docker-developed Notary trusted content framework and the specification Notary was built on, TUF, as the 13th and 14th hosted projects, respectively.

The organizations announced the new members at the Open Source Summit Europe, being held this week in Prague.

Notary at a Glance

  • 865 GitHub stars
  • 156 forks
  • 45 contributors
  • 8 maintainers
  • 2600+ commits
  • 34 releases

Released by Docker in 2015, Notary manages the metadata needed to ensure the integrity of container image updates, even those on untrusted networks and linked to compromised registries. The software allows developers to sign applications at every step of development, blocking malicious content from being injected into the workflow.

Notary provides both a client and a pair of server applications, which host the signed metadata and perform signing duties. It is included in both the Docker Enterprise Edition and Community Edition and is a component of Docker’s Moby Project.

The interactions between the Notary client, server, and signer.

Huawei, Motorola Solutions, VMware, LinuxKit, Quay, and Kubernetes also use Notary.

TUF at a Glance

  • 517 GitHub stars
  • 74 forks
  • 27+ contributors
  • 2700+ commits

Notary is based on The Update Framework (TUF), a specification originally designed to secure software updates across distributed systems. TUF provides a design to keep resources secure even when cryptographic keys or servers are compromised. TUF predates the current popularity of containers and was originally developed for any form of software distribution.

The Kolide monitoring platform uses a TUF implementation to securely distribute osquery through an auto-updater.

TUF was originally written in 2009 by New York University Professor Justin Cappos and developed further by Cappos’s Secure Systems Lab at NYU’s Tandon School of Engineering.

Notary and TUF join the following CNCF projects: Kubernetes, Prometheus, OpenTracing, Fluentd, linkerd, gRPC, CoreDNS, containerd, rkt, CNI, Envoy, and Jaeger.

The Cloud Native Computing Foundation is a sponsor of The New Stack.

TNS owner Insight Partners is an investor in: The New Stack, Docker.