[Proposal] Guidance for Confidential Supply Chains #1367

Open
19 tasks
mnm678 opened this issue Sep 12, 2024 · 6 comments
Labels
proposal common precursor to project, for discussion & scoping supplychain

Comments

@mnm678
Collaborator

mnm678 commented Sep 12, 2024

Description: what's your idea?

After discussion with the Confidential computing project, it seems like there is an opportunity for collaboration to provide guidance for projects to create a confidential supply chain. This could be part of the supply chain whitepaper, or a separate document.

Impact: Describe the customer impact of the problem. Who will this help? How will it help them?

This will help projects interested in creating a confidential supply chain.

Scope: How much effort will this take? OK to provide a range of options or "not yet determined" for initial proposals. Feel free to include proposed tasks below or link a Google doc.

Intent to lead:

  • I volunteer to be a project lead on this proposal if the community is
    interested in pursuing this work. This statement of intent does not
    preclude others from co-leading or becoming lead in my stead.

Proposal to Project:

  • Added to the planned meeting template for mm dd
  • Raised in a Security TAG meeting to determine interest - mm dd
  • Collaborators comment on issue to determine interest and nominate project
    lead
  • Scope determined via meeting mm dd and/or shared document add link
    with call for participation in #tag-security slack channel thread add link
    and mailing list email add link
  • Scope presented to Security TAG leadership and Sponsor is assigned

TO DO

  • Security TAG Leadership Representative:
  • Project leader(s):
  • Issue is assigned to project leaders and Security TAG Leadership
    Representative
  • Project Members:
  • Fill in additional TODO items here so the project team and community can
    see progress!
  • Scope
  • Deliverable(s)
  • Project Schedule
  • Slack Channel (as needed)
  • Meeting Time & Day:
  • Meeting Notes (link)
  • Meeting Details (zoom or hangouts link)
  • Retrospective
@mnm678 mnm678 added proposal common precursor to project, for discussion & scoping triage-required Requires triage labels Sep 12, 2024
@eddie-knight
Collaborator

@mnm678 Could you elaborate or link to more information about the term "confidential supply chain?"

@magowan

magowan commented Sep 12, 2024

At one simple level within the Confidential Containers project one of our Use Cases relates to CI/CD.
In simplest terms being able to build and sign artifacts in a confidential computing environment to protect the signing keys and integrity/confidentiality of environment used to build the artifact.

However a big challenge we have when pushing for this or any use case is also the reflection that if anything was compromised in other aspects of the supply chain (not just building container Images) then trying to use a Confidential Containers environment later will not deliver on the Confidential Computing promise.

So we need to layer in the complexity that comes with Confidential Computing; our supply chain here is not simply about the software that forms the containers deployed within a pod. We need to consider the hardware/firmware, the generating of measurements to allow us to verify the use of a particular environment at a later deployment time, and the management of keys/secrets which should only be released after we verify the environment (attestation).
We also have the concept within CoCo of a Rego policy as a required basis to ensure least privileges and protecting the confidentiality of a pod. Do the kubelet or admin actions match the expectations of the pod? Responsibility for this policy lies with the owner of the "workload"; the cluster administrator is not trusted.

How do we manage these additional artifacts as part of a supply chain to achieve the end goal of running any workload/solution within a cloud native confidential computing environment?

So for me an interesting goal for "Guidance for Confidential Supply Chains" could be.
Someone wishes to deploy a pod into a confidential containers environment to protect this pod and its data from both Infrastructure and Kubernetes administration.

And exploring questions such as:

What do they need to consider with respect to verifying the supply of a CoCo capable cluster?
What do they need to consider when creating the additional artifacts needed?
What do they need to consider in their overall solution where communication among multiple pods is required?

@magowan

magowan commented Sep 12, 2024

A different angle could be to examine the impact of Confidential Computing and the CNCF CoCo project on the existing "Supply Chain Best Practices v2"

@JustinCappos
Collaborator

JustinCappos commented Sep 13, 2024 via email

@mythi

mythi commented Sep 25, 2024

A similar effort is already ongoing on SLSA side.

We could perhaps refer to this in other documentation that is broad

Something along these lines was planned to be added to #1044 as proposed in #906.

@jkjell jkjell added supplychain and removed triage-required Requires triage labels Oct 30, 2024
@jkjell
Collaborator

jkjell commented Oct 30, 2024

Work on this issue will be discussed in the Supply Chain WG as they complete the updated v2 white paper.
