2nd Congress on Intelligent Machines and Algorithms (CIMA 2026)

Navaneeth Komirisetty

Secure-by-Default Kubernetes: A Scalable Multi-Tenant Architecture for Enterprise and AI Workloads

Abstract:

Enterprise Kubernetes platforms have evolved from infrastructure deployments into shared, multi-tenant products that underpin both business-critical applications and high-value artificial intelligence workloads. This shift introduces a complex security challenge that extends beyond cluster configuration into operating models, trust boundaries, and continuous assurance. This session presents a vendor-neutral reference architecture for designing and operating secure Kubernetes platforms that support traditional microservices alongside AI training pipelines and model-serving endpoints. 
The architecture is grounded in an explicit threat model that treats container images, workload identities, control plane state, datasets, model artifacts, and inference endpoints as protected assets. It defines clear trust boundaries across developer environments, build systems, registries, Kubernetes APIs, worker nodes, and attached data services, aligning platform controls with zero trust principles and established guidance from NIST, NSA, CISA, CIS, and OWASP. Particular attention is given to AI-specific risks such as model theft, data poisoning, prompt injection, and unintended data exposure, which require extensions to conventional container security assumptions. 
Attendees will learn how layered multi-tenant isolation can be achieved using namespaces, node pools, and cluster separation, reinforced through least-privilege role-based access control, workload identity, default-deny networking, and policy-driven resource governance. The session also explores control plane and node hardening strategies, including considerations for accelerator-backed nodes and specialized runtime dependencies common in AI environments. 
Operational maturity is addressed through policy enforcement using Pod Security Standards, evidence-ready observability, and centralized auditability that supports both security operations and regulatory assurance. Secure AI workload patterns including controlled model artifact promotion, data access segmentation, and monitored model-serving behavior are mapped to platform-level controls rather than ad hoc application fixes. 
The presentation concludes with a phased implementation roadmap that helps organizations evolve from baseline Kubernetes security controls to continuously verified, scalable operations that integrate platform security with emerging AI governance requirements.

Profile:

Navaneeth Komirisetty is a senior cybersecurity architect and platform security practitioner specializing in secure enterprise infrastructure and cloud-native modernization. His work focuses on designing, operating, and hardening Linux and Kubernetes platforms that support mission-critical, data-intensive workloads in complex enterprise environments. He brings a strong blend of security architecture, DevOps practices, and operational governance, with an emphasis on building platforms that are resilient, auditable, and secure by default. 
In his current role, Navaneeth leads the modernization and security of large-scale analytics and container platforms, with responsibility for Kubernetes lifecycle management, platform hardening, and vulnerability remediation in highly controlled environments. He has deep hands-on experience operating Rancher-managed Kubernetes platforms, including air-gapped deployments, upgrade planning, and day-two operations. His work routinely spans cross-functional collaboration with security, application, and infrastructure teams to align platform capabilities with enterprise risk management and compliance objectives. 
Navaneeth has supported a wide range of high-security workloads across industries, including regulated environments and critical infrastructure systems. His background includes securing Linux and virtualized platforms, implementing identity-driven access controls, automating infrastructure workflows, and establishing repeatable operational practices through runbooks, standard operating procedures, and knowledge transfer. He has contributed to platform enablement efforts that improve reliability, observability, and operational readiness for both engineering and security operations teams. 
He holds a graduate degree in Computer information systems and formal training across cloud-native platforms, observability, and security tooling. Navaneeth is passionate about treating platforms as products, where security architecture, operational discipline, and developer enablement work together to support sustainable modernization and emerging workloads such as advanced analytics and artificial intelligence.
 

Committees

  • Chief Patron
  • Patron
  • Honorary Chair
  • Advisory Committee
  • General Chairs
  • Program Chairs
  • Organizing Secretary
  • Organizing Chairs
  • Organizing Committee
  • Technical Program Committee
  • Publicity Chairs
  • Publication Committee
  • Session Management Committee
  • Conference Management Committee

    • Useful Link

  • Call for Papers
  • Paper Submission
  • Important Dates
  • Guidelines for the Appointment of Speakers
  • Guidelines for the selection of Session Chairs
  • Guidelines for the Best Paper Selection Process
  • Guidelines for Selecting and Appointing Reviewers
  • Conference Rules and Guidelines
  • CMT ACKNOWLEDGMENT

    • ContactUs

    cima@scrs.in
    cima@nitpy.ac.in

    +91-7503322444
    (whatsapp messages only)

    ☎ +91-9488947184

    Soft Computing Research Society,
    New Delhi, India