Containers have quickly become a popular alternative to more traditional virtualizationmethods such as hypervisor-based virtualization. Residing at operating system level, containers offer a solution that is cheap in terms of resource usage and flexible in the way it can be applied. The purpose of this chapter is two-fold: first, we provide a brief overview of available container security solutions and how they operate, and second, we try to further elaborate and asses the security requirements for containers as proposed by Reshetova et al. We take a look at the current and past security threats and Common Vulnerabilities and Exposures (CVE) faced by container systems and see how attacks that exploit them violate the aforementioned requirements. Based on our analysis, we contribute by identifying more security requirements for container systems.
Analysis of security in modern container platforms
Conti M.;
2017
Abstract
Containers have quickly become a popular alternative to more traditional virtualizationmethods such as hypervisor-based virtualization. Residing at operating system level, containers offer a solution that is cheap in terms of resource usage and flexible in the way it can be applied. The purpose of this chapter is two-fold: first, we provide a brief overview of available container security solutions and how they operate, and second, we try to further elaborate and asses the security requirements for containers as proposed by Reshetova et al. We take a look at the current and past security threats and Common Vulnerabilities and Exposures (CVE) faced by container systems and see how attacks that exploit them violate the aforementioned requirements. Based on our analysis, we contribute by identifying more security requirements for container systems.Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
