Docker Leverages TUF to Deliver the Highest Level of Security while Preserving a High-quality Developer Experience
SAN FRANCISCO – August 12, 2015 – Docker, the open platform for distributed applications, today announced the availability of Docker Content Trust, a new capability that uses digital signatures to ensure the integrity of Dockerized content. Available as part of Docker platform release 1.8, this feature allows Docker users to operate exclusively on signed content when building or deploying Dockerized applications. Based on Notary and The Update Framework (TUF), a secure general design for the problem of software distribution and updates, Docker Content Trust delivers the highest level of security without compromising usability.
“As organizations evolve from a monolithic software architecture to distributed applications, the secure distribution of software becomes increasingly difficult to solve,” said Diogo Mónica, Security Lead for Docker. “Without a standard method for validating the integrity of content, Docker has the unique opportunity to leapfrog the status quo and build a system that meets the strongest standard for software distribution. With Docker Content Trust, users have a solution that works across any infrastructure, offering security guarantees that were not previously available to them.”
Docker Content Trust is implemented to work within a user’s existing workflow without requiring users to learn a new set of commands or to be trained on a deep set of security principles. When enabled, Docker Content Trust ensures that all operations using a remote registry enforce the signing and verification of images. In particular, Docker’s central commands `push`, `pull`, `build`, `create` and `run` will only operate on images that either have content signatures or explicit content hashes. The result is that IT operations teams have the assurance that only signed content is being used in their production infrastructure. Leveraging this implementation of content trust, Docker will be signing the Docker Hub Official Repos, providing users with a trusted set of base images they can use to build distributed applications.
The Power of Leveraging The Update Framework (TUF), the Strongest Security Standard for Content Trust
The Update Framework (TUF) is a standard for software delivery that provides the strongest guarantees for secure content distribution. At the heart of this model is a set of different cryptographic keys that are used for signing and verification of content. TUF was designed to resist a variety of different classes of attacks. By leveraging TUF, Docker Content Trust inherits a flexible way to provide high levels of security when building and distributing Docker images.
Docker Content Trust has two distinct keys, an Offline (root) key and a Tagging (per-repository) key, that are generated and stored client-side the first time a publisher pushes an image. Each repository has its own unique tagging key, which allows the holder to digitally sign Docker images for a particular repository. The tagging key is used any time new content is added to or removed from the repository. Because the tagging key is online, it is vulnerable to being compromised. With Docker Content Trust, the publisher will be able to securely rotate compromised keys by using the offline key, which should be securely stored offline.
Docker Content Trust also generates a Timestamp key that provides protection against replay attacks, which would allow a malicious actor to serve signed but expired content. Docker manages the Timestamp key for you, reducing the hassle of having to constantly refresh the content client-side.
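The key model described in the two paragraphs above, as an added example that is not Docker's or Notary's code: a simplified, single-repository version of the TUF chain in Go, using ed25519 keys and JSON metadata as stand-ins for Notary's real roles and formats (there is no snapshot role here, and the field names are assumptions). `Sign`, `Digest`, `open` and `Verify` are hypothetical helpers; the client refuses targets not signed by the tagging key named in root, refuses a validly signed but expired timestamp (the replay case), and a new root signed by the offline key immediately stops trusting content signed by a rotated-out tagging key.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"time"
)

// Signed is one metadata document plus a single key's signature over it.
type Signed struct{ Payload, Sig []byte }
// RootMeta (offline root key) names the online keys to trust; TargetsMeta (per-repository
// tagging key) maps tag -> digest; TimestampMeta (timestamp key) binds targets to an expiry.
type RootMeta struct{ TaggingKey, TimestampKey ed25519.PublicKey }
type TargetsMeta struct{ Targets map[string]string }
type TimestampMeta struct{ TargetsSHA256 string; Expires time.Time }
// Sign serialises v and signs it with one key (a simplified stand-in for Notary's own format).
func Sign(priv ed25519.PrivateKey, v interface{}) Signed {
	b, _ := json.Marshal(v)
	return Signed{Payload: b, Sig: ed25519.Sign(priv, b)}
}
// Digest names the exact targets bytes that a timestamp vouches for.
func Digest(b []byte) string { s := sha256.Sum256(b); return hex.EncodeToString(s[:]) }
// open checks s against the expected key and only then decodes its payload.
func open(pub ed25519.PublicKey, s Signed, into interface{}) bool {
	return len(pub) == ed25519.PublicKeySize && ed25519.Verify(pub, s.Payload, s.Sig) && json.Unmarshal(s.Payload, into) == nil
}
// Verify is the client side: root -> tagging and timestamp keys -> targets -> digest for tag.
// Validly signed but expired metadata is refused; that is what defeats replay of old content.
func Verify(rootPub ed25519.PublicKey, root, targets, ts Signed, tag string, now time.Time) (string, error) {
	r, tg, t := RootMeta{}, TargetsMeta{}, TimestampMeta{}
	switch {
	case !open(rootPub, root, &r):
		return "", errors.New("root metadata not signed by the trusted offline key")
	case !open(r.TaggingKey, targets, &tg):
		return "", errors.New("targets not signed by the repository tagging key")
	case !open(r.TimestampKey, ts, &t):
		return "", errors.New("timestamp not signed by the timestamp key")
	case now.After(t.Expires):
		return "", errors.New("timestamp expired: stale or replayed metadata")
	case t.TargetsSHA256 != Digest(targets.Payload):
		return "", errors.New("timestamp does not cover this targets document")
	case tg.Targets[tag] == "":
		return "", errors.New("tag is unsigned; refuse to pull")
	}
	return tg.Targets[tag], nil
}
```

Key generation and the publish step live with the caller: the root document is signed once with the offline key, while targets and timestamp are re-signed by the online keys on every push.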
Built on Notary to Ensure Interoperability with Any Registry
Docker Content Trust is enabled through an integration of Notary into Docker Engine. Designed to be platform agnostic, Notary is an open source project developed by Docker to serve as “infrastructure plumbing” for secure and trusted content distribution. An enterprise with its own private registry or third-party solutions can integrate with Notary to have its repositories integrate with Docker Content Trust.
Docker Content Trust is available immediately as part of Docker Platform 1.8. For more information on how to use Docker Content Trust.
About Docker, Inc.
Docker, Inc. is the company behind the Docker open source platform, and is the chief sponsor of the Docker ecosystem. Docker is an open platform for developers and system administrators to build, ship and run distributed applications. With Docker, IT organizations shrink application delivery from months to minutes, frictionlessly move workloads between data centers and the cloud and can achieve up to 20X greater efficiency in their use of computing resources. Inspired by an active community and by transparent, open source innovation, Docker containers have been downloaded more than 700 million times and Docker is used by millions of developers across thousands of the world’s most innovative organizations, including eBay, Baidu, the BBC, Goldman Sachs, Groupon, ING, Yelp, and Spotify. Docker’s rapid adoption has catalyzed an active ecosystem, resulting in more than 180,000 “Dockerized” applications, over 40 Docker-related startups and integration partnerships with AWS, Cloud Foundry, Google, IBM, Microsoft, OpenStack, Rackspace, Red Hat and VMware.