KubeCon + CloudNativeCon + Open Source Summit + AI_dev China 2024

Ensuring a secure supply chain for container images is vital in the cloud-native ecosystem. But how can you be certain that container images originate from trusted sources? And how can you verify that they haven’t been altered since their creation? Join this session to delve into how the Notary Project bolsters cloud native supply chains by leveraging authentic container images and other OCI artifacts. Our maintainers will present an overview of the project for newcomers. Discover the latest features that enhance software supply chains, gain insights into the roadmap, and explore upcoming developments, including attestations. Observe a user demonstrating how the Notary Project guarantees the integrity and authenticity of container images and arbitrary files. Our maintainers will be available to answer any questions you may have. Whether you’re new or experienced in container security, or someone interested in contributing to the project, this session is not to be missed!

确保容器镜像的安全供应链对于云原生生态系统至关重要。但是，您如何确保容器镜像来自可信的来源？您如何验证它们自创建以来没有被篡改？加入本场演讲，深入了解Notary项目如何通过利用真实的容器镜像和其他OCI工件来增强云原生供应链。我们的维护人员将为新手提供项目概述。发现增强软件供应链的最新功能，了解路线图，探索即将推出的开发，包括证明。观察用户演示Notary项目如何保证容器镜像和任意文件的完整性和真实性。我们的维护人员将随时回答您可能有的任何问题。无论您是容器安全的新手还是经验丰富的人，或者是有兴趣为项目做出贡献的人，都不要错过本场演讲！