Protecting data using secret management with Trusted Service Identity (TSI)

Mariusz will explore the problems that exist with current methods of storing and using secrets in a Kubernetes cluster and introduces a project recently open-sourced by IBM Research called Trusted Service Identity (TSI) that addresses these problems by tying secret management technologies with workload identity via host provenance and integrity. Trusted Service Identity (TSI) protects sensitive data access by ensuring only attested services can obtain credentials through the use of workload identity signing.