Is Istio Ambient Mesh Secure - Exploring Service-to-Service Security
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore the security aspects of Istio Ambient Mesh in this 22-minute conference talk by Christian Posta from Solo.io and John Howard from Google. Delve into the architecture decisions made to preserve zero-trust properties in the sidecarless data plane implementation. Learn about mTLS, workload identity, and security boundaries between infrastructure and application worlds. Examine the secure overlay surface area, system boundaries, and blast radius boundaries. Understand the implications of compromised nodes, data planes, applications, and control planes. Discover the role of Waypoint Proxy and how it contributes to ease of operations in Istio Ambient Mesh.
Syllabus
Intro
Istio Ambient Mesh Data Plane
Sidecar architecture
Ambient architecture
Secure Overlay Surface Area
System Boundaries
Blast Radius Boundaries
Compromised node
Compromised data plane
Compromised application
Compromised control plane
Waypoint Proxy
Ease of Operations
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Introduction to Service Mesh with LinkerdLinux Foundation via edX Creating Multi Task Models With Keras
Coursera Project Network via Coursera Getting Started with Linkerd Service Mesh
Pluralsight Stanford CS330: Deep Multi-Task and Meta Learning
Stanford University via YouTube Avoiding Catastrophe - Active Dendrites Enable Multi-Task Learning in Dynamic Environments
Yannic Kilcher via YouTube