Suganthi Subramanian, Prasad B. Honnavalli, S. Shylaja
{"title":"容器安全:一个广泛的路线图","authors":"Suganthi Subramanian, Prasad B. Honnavalli, S. Shylaja","doi":"10.2991/ahis.k.210913.053","DOIUrl":null,"url":null,"abstract":"The containers play a crucial role in the cloud environment during application deployment as it shares same OS kernel. It reduces resource requirements and start-up time for deploying applications by an individual organizations or users. Even though containers provide light-weight virtualization, it generates a security bottleneck for the number of dedicated resources, libraries, and applications since the container isolation is comparatively weak to the legacy VMs. In the general architec ture of container, attackers can perform privilege escalation by exploiting the kernel vulnerabilities to gain the root privilege and leaks the critical information of a system. To address the present security concerns in the container, a better security based solution is essential. In this work, an extensive analysis is performed to predict the various existing access control mechanisms used for security purposes and the challenges encountered during the architecture modeling. Some use cases are considered to ensure the fulfilment of security requirements such as container protection, inter-container protection, and host protection, and it needs to provide both software and hardware solutions. This work also includes the research problems, research gaps, and further research extensions to provide security to the containers.","PeriodicalId":417648,"journal":{"name":"Proceedings of the 3rd International Conference on Integrated Intelligent Computing Communication & Security (ICIIC 2021)","volume":"83 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Container Security: An Extensive Roadmap\",\"authors\":\"Suganthi Subramanian, Prasad B. Honnavalli, S. Shylaja\",\"doi\":\"10.2991/ahis.k.210913.053\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The containers play a crucial role in the cloud environment during application deployment as it shares same OS kernel. It reduces resource requirements and start-up time for deploying applications by an individual organizations or users. Even though containers provide light-weight virtualization, it generates a security bottleneck for the number of dedicated resources, libraries, and applications since the container isolation is comparatively weak to the legacy VMs. In the general architec ture of container, attackers can perform privilege escalation by exploiting the kernel vulnerabilities to gain the root privilege and leaks the critical information of a system. To address the present security concerns in the container, a better security based solution is essential. In this work, an extensive analysis is performed to predict the various existing access control mechanisms used for security purposes and the challenges encountered during the architecture modeling. Some use cases are considered to ensure the fulfilment of security requirements such as container protection, inter-container protection, and host protection, and it needs to provide both software and hardware solutions. This work also includes the research problems, research gaps, and further research extensions to provide security to the containers.\",\"PeriodicalId\":417648,\"journal\":{\"name\":\"Proceedings of the 3rd International Conference on Integrated Intelligent Computing Communication & Security (ICIIC 2021)\",\"volume\":\"83 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1900-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 3rd International Conference on Integrated Intelligent Computing Communication & Security (ICIIC 2021)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.2991/ahis.k.210913.053\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 3rd International Conference on Integrated Intelligent Computing Communication & Security (ICIIC 2021)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.2991/ahis.k.210913.053","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The containers play a crucial role in the cloud environment during application deployment as it shares same OS kernel. It reduces resource requirements and start-up time for deploying applications by an individual organizations or users. Even though containers provide light-weight virtualization, it generates a security bottleneck for the number of dedicated resources, libraries, and applications since the container isolation is comparatively weak to the legacy VMs. In the general architec ture of container, attackers can perform privilege escalation by exploiting the kernel vulnerabilities to gain the root privilege and leaks the critical information of a system. To address the present security concerns in the container, a better security based solution is essential. In this work, an extensive analysis is performed to predict the various existing access control mechanisms used for security purposes and the challenges encountered during the architecture modeling. Some use cases are considered to ensure the fulfilment of security requirements such as container protection, inter-container protection, and host protection, and it needs to provide both software and hardware solutions. This work also includes the research problems, research gaps, and further research extensions to provide security to the containers.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
