Container Performance and Vulnerability Management for Container Security Using Docker Engine. (10th August 2022)
- Record Type:
- Journal Article
- Title:
- Container Performance and Vulnerability Management for Container Security Using Docker Engine. (10th August 2022)
- Main Title:
- Container Performance and Vulnerability Management for Container Security Using Docker Engine
- Authors:
- Alyas, Tahir
Ali, Sikandar
Khan, Habib Ullah
Samad, Ali
Alissa, Khalid
Saleem, Muhammad Asif - Other Names:
- Shafiq Muhammad Academic Editor.
- Abstract:
- Abstract : Containers have evolved to support microservice architecture as a low-cost alternative to virtual machines. Containers are increasingly prevalent in the virtualization landscape because of better working; containers can bear considerably less overhead than the conventional hypervisor-based component virtual machines. However, containers directly communicate with the host kernel, and attackers can co-locate containers in the host system quicker than virtual machines. This causes significant security issues in container technology. The security hardening system is currently targeted at implementing universal access management regulations that make it difficult to assess the required procedure for accessing containers. Security mechanisms include an explicit awareness of the purpose and actions of the container and entail manual interaction and configuration. A user-friendly container protection scheme implemented an access policy to comply with its anticipated and legitimate application performance. In this study, container technology constraints have been overcome by proposing a unique Docker-sec mechanism. Docker-sec uses four mechanisms; the original collection has been improved during container runtime by additional rules that constrain the capacity of the container, further representing the applications in practice, file system, processes, network isolation, and vulnerability scanning of Docker images over different workload. Different vulnerabilities have beenAbstract : Containers have evolved to support microservice architecture as a low-cost alternative to virtual machines. Containers are increasingly prevalent in the virtualization landscape because of better working; containers can bear considerably less overhead than the conventional hypervisor-based component virtual machines. However, containers directly communicate with the host kernel, and attackers can co-locate containers in the host system quicker than virtual machines. This causes significant security issues in container technology. The security hardening system is currently targeted at implementing universal access management regulations that make it difficult to assess the required procedure for accessing containers. Security mechanisms include an explicit awareness of the purpose and actions of the container and entail manual interaction and configuration. A user-friendly container protection scheme implemented an access policy to comply with its anticipated and legitimate application performance. In this study, container technology constraints have been overcome by proposing a unique Docker-sec mechanism. Docker-sec uses four mechanisms; the original collection has been improved during container runtime by additional rules that constrain the capacity of the container, further representing the applications in practice, file system, processes, network isolation, and vulnerability scanning of Docker images over different workload. Different vulnerabilities have been scanned with a CVE severity level. Results showed that inter-container communication with the system is more secure containers from zero vulnerabilities with an overhead of 3.45%. … (more)
- Is Part Of:
- Security and communication networks. Volume 2022(2022)
- Journal:
- Security and communication networks
- Issue:
- Volume 2022(2022)
- Issue Display:
- Volume 2022, Issue 2022 (2022)
- Year:
- 2022
- Volume:
- 2022
- Issue:
- 2022
- Issue Sort Value:
- 2022-2022-2022-0000
- Page Start:
- Page End:
- Publication Date:
- 2022-08-10
- Subjects:
- Computer networks -- Security measures -- Periodicals
Computer security -- Periodicals
Cryptography -- Periodicals
005.805 - Journal URLs:
- http://onlinelibrary.wiley.com/journal/10.1002/(ISSN)1939-0122 ↗
https://www.hindawi.com/journals/scn/ ↗
http://onlinelibrary.wiley.com/ ↗ - DOI:
- 10.1155/2022/6819002 ↗
- Languages:
- English
- ISSNs:
- 1939-0114
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library HMNTS - ELD Digital store
- Ingest File:
- 23457.xml