Repudiation

Learn how to achieve non-repudiation in Kubernetes through API server auditing and centralized log collection.

We'll cover the following

At a very high level, repudiation creates doubt about something. Non-repudiation provides proof about something. In the context of information security, non-repudiation is proving certain individuals carried out certain actions.

Digging a little deeper, non-repudiation includes the ability to prove:

  • What happened

  • When it happened

  • Who made it happen

  • Where it happened

  • Why it happened

  • How it happened

Answering the last two can be the hardest and usually requires the correlation of several events over a period of time.

How to acheive non-repudiation

Auditing Kubernetes API server events can help answer these questions. The following is an example of an API server audit event (we may need to enable auditing on our API server).

Get hands-on with 1400+ tech skills courses.