search

datasciencecampus / pprl_toolkit

The privacy-preserving record linkage toolkit: a proof-of-concept public demo of next-gen data linkage techniques.
https://datasciencecampus.github.io/pprl_toolkit/
MIT License
6 stars 0 forks source link

Add signed server image to attestation conditions #7

Open matweldon opened 4 months ago

daffidwilde commented 4 months ago

Just a thought, but we could serve a Docker image ourselves (linked to a release of this repository) that users have access to. That way, we could hard-code the SHA digest of the image into the authorisation script, which helps ensure security. It would also eliminate the workload author role for users.

How we would host this remains to be seen of course.

matweldon commented 4 months ago

Just a thought, but we could serve a Docker image ourselves (linked to a release of this repository) that users have access to. That way, we could hard-code the SHA digest of the image into the authorisation script, which helps ensure security. It would also eliminate the workload author role for users.

How we would host this remains to be seen of course.

Great idea. We can make repos public in Artifact Registry

matweldon commented 4 months ago

Or use our organisational Dockerhub site

daffidwilde commented 4 months ago

We would want some sort of long-term assurance, so the Dockerhub is probably preferable. Can we run an image from there on GCP? Probably best to just chat this over next week 😸