Security Threat Model Analysis and Protection Practice in Edge Computing

Explore the security challenges and solutions in edge computing scenarios through this comprehensive conference talk. Delve into the threat model analysis and protection practices for cloud native environments expanding towards multi-cloud, hybrid cloud, and edge computing. Learn about the limitations of traditional VPC-based security models in edge computing and the emerging challenges, including weak edge security mechanisms, vulnerable service interfaces, and supply chain security risks. Gain insights into KubeEdge's security audit process, including threat modeling and fuzzing efforts. Discover tips for contributing to KubeEdge's ongoing security initiatives and understand the importance of SLSA L3 compliance in improving community security. Examine the work done to enhance KubeEdge's consumer security and its impact on the cloud native ecosystem.