The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2025 and meet the Eligibility Requirements to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.
This schedule is automatically displayed in British Summer Time (BST | GMT+1). To see the schedule in your preferred timezone, please select from the drop-down located at the bottom of the menu to the right.
The schedule is subject to change and session seating is available on a first-come, first-served basis.
East-west traffic authorization is a critical component of securing modern Kubernetes workloads, yet the ecosystem's policy enforcement implementations all do things a little bit differently, causing fragmentation and increasing the barrier to entry for new users. While Kubernetes and its subprojects have traditionally focused on network-based authorization, we see an opportunity to transition to identity-based authorization, enabling more secure and scalable policies. But what exactly constitutes an “identity” in Kubernetes, and how do we standardize it?
Lior, Keith, and others have been exploring how to standardize identity-based authorization to enhance security and ensure consistent enforcement across implementations. In this talk, they will share potential approaches, challenges, and a viable way for moving forward. Join the discussion to help shape the future of identity-driven authorization in Kubernetes in conjunction with the Gateway API and Network Policy subprojects.
Lior is an Engineering lead at Google working on Google Compute Engine and Cloud Service Mesh. He is a leading maintainer of ingress2gateway, and an active contributor to Kubernetes SIG network focused on Gateway API.