Spoofing
Spoofing is pretending to be something, or somebody, you are not. In the context of information security, it's pretending to be a different user or entity, with the aim of gaining extra privileges on a system.
Let's look at how Kubernetes authenticates users to prevent spoofing.
Securing Communications with the API Server
Kubernetes comprises lots of small components that work together. These include control plane components such as the API server, controller manager, scheduler, cluster store, and others. It also includes node components such as the kubelet and container runtime. Each of these has its own set of privileges that allow it to interact with, and even modify, the cluster. Even though Kubernetes implements a least-privilege model, spoofing the identity of any of these components can have unforeseen and potentially disastrous consequences.
Fortunately, Kubernetes implements a security model that requires components to authenticate via mutual...