Security on the edge is crucial. Learn more about how the StarlingX 2.0 release helps addressing this challenge. As we drive compute to the edge of the network many things change and become more interesting and new problems need to be solved.
Guest blog written by Ian Joliffe, Wind River.
At a minimum you need to face with space and power limitations. Further challenges include balancing server costs while enabling emerging applications and new transformational use cases at the edge when you take the next steps. However; even though the way compute is delivered at the edge is different, the need for security remains constant or even more critical.
Security is always an important consideration in any deployment. It gets more interesting when we no longer have the high level of physical security in the data center where there are retinal scanners at the doors. As we move to the edge we have an environment where there may be less physical security and nodes that are geographically distributed also make maintenance activities difficult.
Within the StarlingX community, these are challenges we have recognised and have been working on solutions. The key approaches start with security enabled at the lowest level of the stack and build up from there. The key challenges we have tackled so far are:
As you can see there are many complementary technologies that work together to address the security posture required at the edge. Other techniques and technologies people in the community are exploring are network policy enforcement, ease of use of certificates and additional ways to leverage TPM modules. There are many interesting security related items in StoryBoard, our task tracker tool, where you can follow and join the tasks people are working on in the community. Come join us, there are many ways to engage on the mailing list, meetings or IRC. You can find information about all this and more on the StarlingX website.
Security is critical to all projects and technologies to ensure privacy is respected and information is securely preserved. An edge focused approach to defence in depth is required to ensure the reality of less physical security doesn’t put the services and data at risk of malicious exploits.