Shanghai, China
June 24–26, 2019
Click here for more information and registration

Simultaneous translation will be provided for all keynote and breakout sessions.

To view the Chinese version of this schedule please go here.

Venue + Sponsor Showcase Map
场馆 + 赞助商展示区地图
Tuesday, June 25 • 16:00 - 16:35
Protecting Sensitive Code with Encrypted Container Images on Kubernetes - Brandon Lum & Harshal Patil, IBM

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Many enterprises are driven by trade secrets in their code - whether it is a proprietary AI model, or a secret high frequency trading strategy. It is of utmost importance that critical algorithms, proprietary code, or other content that is highly sensitive have minimum exposure unencrypted.

In this talk, we will show the end-to-end process of how users can create an encrypted container during the build process, to running encrypted container images on a Kubernetes cluster with the proposed ImageDecryptSecrets. We will show how the Encrypted Images OCI spec allows fine-grained encryption through leveraging layering of container images. Finally, we will talk about how Image Encryption will integrate into the container ecosystem, and talk about several possibilities for innovation in the container DevSecOps pipeline.


Harshal Patil

Advisory Systems Software Engineer, IBM
Advisory Systems Software Engineer at IBM, Linux Technology Center, works on containers and technologies around it. Currently works on Encryption in Container Images.
avatar for Brandon Lum

Brandon Lum

Software Engineer, IBM
Brandon loves designing and implementing computer systems (with a focus on Security, Operating Systems, and Distributed/Parallel Systems). He enjoys tackling both technical and business challenges and has a side interest in organizational behavior and leadership. At IBM Research... Read More →

Tuesday June 25, 2019 16:00 - 16:35