TL;DR: SPIFFE deployments still rely on app libraries, sidecars, or proxies that add complexity, weaken process binding, and make workload identity harder to operate at scale, according to Riptides. Moving enforcement into the Linux kernel reframes NHI as a native control plane issue, not an add-on plumbing layer.
At a glance
What this is: This is an analysis of kernel-level workload identity and the claim that Linux can become the enforcement layer for SPIFFE-based NHI.
Why it matters: It matters because IAM, PAM, and NHI teams need to understand where identity enforcement should live when workloads span Kubernetes, VMs, bare metal, and edge.
By the numbers:
- 71% of NHIs are not rotated within recommended time frames, increasing the risk of compromise over time.
- 69% of organisations now have more machine identities than human ones.
- Only 5.7% of organisations have full visibility into their service accounts.
- 66% say their current tooling is not adequate to manage the scale of machine identities they now have.
👉 Read Riptides' analysis of kernel-level workload identity for SPIFFE environments
Context
Kernel-level workload identity is the idea that the operating system should enforce non-human identity at the point where processes actually communicate, rather than relying on application code, sidecars, or proxies. That matters for SPIFFE-based environments because the control plane may be correct while the runtime path still adds avoidable identity sprawl and trust ambiguity.
The governance question is not whether workload identity exists, but whether it is bound tightly enough to the process, the connection, and the policy decision to survive scale. For IAM and NHI programmes, the practical issue is where identity enforcement belongs when workloads run across Kubernetes, VMs, bare metal, and edge nodes.
Key questions
Q: How should security teams evaluate kernel-level workload identity for production use?
A: They should test whether the design improves process binding, removes helper-layer trust, and enforces identity at connection time across the environments they actually run. If the model only works cleanly in one runtime, it is not yet a governance-ready control for an enterprise NHI programme.
Q: Why do sidecars and proxies create workload identity governance risk?
A: They create an extra identity layer between the workload and the communication event, which can weaken process fidelity and make troubleshooting or policy verification harder. That does not make them useless, but it does mean the trust boundary is no longer the workload itself.
Q: When is SPIFFE alone not enough for NHI governance?
A: SPIFFE alone is not enough when identity is issued correctly but enforced inconsistently, or when secrets and policy still depend on helper processes. Governance improves only when the runtime path, credential lifecycle, and policy decision are aligned.
Q: What should teams prioritise first in workload identity modernisation?
A: They should prioritise where identity is enforced before they optimise how identity is represented. A runtime-bound model that works across Kubernetes, VMs, and bare metal is more durable than a model that depends on one orchestration pattern.
Technical breakdown
Why sidecars and proxies distort workload identity
Many SPIFFE deployments delegate identity to a sidecar or proxy so the application itself stays unchanged. That pattern simplifies adoption, but it also inserts an indirection layer between the workload and the identity decision. The result is weaker process binding, more moving parts, and a trust boundary that can shift from the real workload to the helper process. In large estates, that creates operational drag because identity, policy, and encryption are distributed across multiple components instead of anchored to the execution path itself.
Practical implication: verify whether your workload identity stack binds identity to the process or to a neighbouring proxy before treating it as strong enforcement.
What kernel-level identity changes in SPIFFE enforcement
Kernel-level identity moves the identity decision closer to the system calls and sockets that create network traffic. In the model described by Riptides, the kernel receives SPIFFE identities and trust bundles, checks policy when a connection starts, and establishes mTLS and kTLS in the runtime path. That removes userspace file mounts, shared secrets, and proxy mediation from the trust chain. The technical value is not just performance. It is tighter coupling between identity, transport, and policy at the exact point of communication.
Practical implication: evaluate whether your architecture can enforce identity before traffic leaves the process boundary, not after a proxy has already intervened.
Why process binding and zero standing credentials matter
Workload identity only becomes materially safer when credentials are ephemeral and tied to the right execution context. If certificates, tokens, or trust bundles live in userspace or linger in supporting services, the attack surface expands even when the identity model looks modern on paper. Kernel-based designs argue for a lower-exposure path because secrets never touch disk or userspace memory, and access is checked per connection rather than stored as standing privilege. That makes the identity layer much closer to a true runtime control than a configuration convenience.
Practical implication: treat ephemeral credential handling and process binding as separate design checks, not as implied benefits of SPIFFE adoption.
NHI Mgmt Group analysis
Kernel-level workload identity exposes the operational gap between identity issuance and identity enforcement. The article’s central point is that SPIFFE can solve workload identity abstraction while still leaving enforcement fragmented across application code, proxies, and sidecars. That is a governance problem, not just an architecture preference. The implication is that NHI programmes should judge controls by where identity is enforced in runtime, not by where it is defined in policy.
Sidecars are scaffolding, not a durable identity boundary. They can help teams adopt workload identity, but they also create an identity interpretation layer that is not the workload itself. That matters because identity fidelity drops when the process that initiates communication is no longer the process carrying the trust decision. Practitioners should therefore treat helper-layer identity as transitional, not as the final control model.
Process-bound identity is the right named concept for this pattern. It describes identity that is attached to the actual executing process at the syscall level rather than to a pod, node, or adjacent proxy. That concept is stronger than generic workload identity because it captures the governance requirement the article keeps returning to: identity must track execution, not abstraction. The practical conclusion is that NHI architectures should be assessed on process fidelity, not only on protocol compliance.
Zero trust for workloads fails when the transport layer is detached from the identity layer. The article shows that mTLS alone is not enough if the identity state lives somewhere else and must be reconstructed through extra agents. In Zero Trust terms, the trust decision should be as close as possible to the communication event. Practitioners should use this as a design test for whether their workload identity model actually reduces trust assumptions or simply relocates them.
Linux is becoming the enforcement surface for NHI governance because it is the one universal runtime boundary. Kubernetes is common, but it is not universal. The kernel is. That makes kernel-level identity strategically interesting for mixed estates where the same governance model must span containers, VMs, and bare metal. The implication for identity leaders is that portability and consistency now matter as much as cryptographic correctness when evaluating workload identity architectures.
From our research:
- 71% of NHIs are not rotated within recommended time frames, increasing the risk of compromise over time, according to the Ultimate Guide to NHIs.
- 96% of organisations store secrets outside of secrets managers in vulnerable locations including code, config files, and CI/CD tools.
- The next question is whether runtime-bound identity can reduce that exposure, so practitioners should also review Ultimate Guide to NHIs , Standards.
What this signals
Process-bound identity is the operational test that will separate serious workload identity programmes from proxy-heavy abstractions. As estates span Kubernetes, VM, and edge environments, the control question becomes whether identity follows the process everywhere or only where orchestration is convenient.
With 71% of NHIs not rotated within recommended time frames, runtime design and lifecycle design can no longer be treated as separate workstreams. If the identity is not tightly bound to execution, rotation and revocation lose much of their practical value.
Teams that already use the SPIFFE workload identity specification should use this article as a reminder that specification compliance is not the same as runtime control. The programme signal is whether the enforcement path is portable, observable, and genuinely tied to the workload.
For practitioners
- Map identity enforcement to the runtime boundary Inventory where workload identity is actually enforced today, then separate policy definition from runtime enforcement. If the identity decision happens in a proxy, sidecar, or application library, document the resulting trust dependency and the failure mode it introduces.
- Test process binding explicitly Validate whether certificates and trust material are attached to the executing process or merely to the surrounding workload envelope. Use that test across Kubernetes, VM, and bare-metal estates so the result is not biased by a single deployment model.
- Reduce dependency on helper-layer identity Treat proxies and sidecars as transitional controls unless they are the only feasible path. Where they remain, define compensating checks for identity fidelity, connection-time policy, and observability so the helper layer does not become the trust anchor.
- Align workload identity to Zero Trust assumptions Use Zero Trust design reviews to ask whether the trust decision is made at connection time, with ephemeral credentials and least privilege, or deferred to surrounding infrastructure. The answer should be consistent across workloads running in different environments.
Key takeaways
- Kernel-level workload identity matters because it moves NHI enforcement closer to the process that actually initiates communication.
- Sidecars and proxies can simplify adoption, but they also weaken identity fidelity by inserting an extra trust layer.
- The control question for practitioners is not whether SPIFFE is deployed, but whether identity is enforced at runtime across every environment that matters.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST Zero Trust (SP 800-207) and NIST CSF 2.0 set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-01 | The article focuses on workload identity enforcement and process binding for non-human identities. |
| NIST Zero Trust (SP 800-207) | PR.AC-4 | The post argues for connection-time enforcement and continuous verification in workload traffic. |
| NIST CSF 2.0 | PR.AC-1 | Identity and access control at the workload layer directly affects access governance and trust boundaries. |
Enforce least privilege at connection time and verify identity decisions inside the communication path.
Key terms
- Workload identity: Workload identity is the mechanism used to prove and govern the identity of a non-human workload such as a service, container, VM, or process. In mature designs, it is tied to runtime execution and cryptographic trust, not just to a deployment label or network location.
- SPIFFE: SPIFFE is an open standard for issuing and managing workload identities through cryptographic documents called SVIDs. It gives systems a portable identity layer for non-human identities, but it still depends on how and where enforcement is implemented at runtime.
- Process binding: Process binding means the identity is attached to the actual process that initiates communication, rather than to a proxy, node, or surrounding platform object. It is a stronger governance pattern because it narrows the gap between execution, accountability, and trust enforcement.
- kTLS: kTLS is kernel TLS, a mechanism that moves parts of TLS encryption and decryption into the Linux kernel. For identity programmes, its relevance is that transport security can be enforced closer to the runtime boundary, reducing userspace exposure and helper-layer dependency.
Deepen your knowledge
NHI governance, agentic AI identity, and machine identity security are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.
This post draws on content published by Riptides: Kernel Rethinking Workload Identity at the Kernel Level. Read the original.
Published by the NHIMG editorial team on 2025-07-14.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org
