To Docker or Not to Docker: A Security Perspective 论文
2016IEEE Cloud Computing引用 262
Cloud Computing and Resource ManagementSecurity and Verification in ComputingCloud Data Security Solutions
详细信息
- 发表期刊/会议
- IEEE Cloud Computing
- 发表日期
- 2016-09-01
- 发表年份
- 2016
关键词
Cloud Computing and Resource ManagementSecurity and Verification in ComputingCloud Data Security Solutions
摘要
The need for ever-shorter development cycles, continuous delivery, and cost savings in cloud-based infrastructures led to the rise of containers, which are more flexible than virtual machines and provide near-native performance. Among all container solutions, Docker, a complete packaging and software delivery tool, currently leads the market. This article gives an overview of the container ecosystem and discusses the Docker environment's security implications through realistic use cases. The authors define an adversary model, point out several vulnerabilities affecting current Docker usage, and discuss further research directions.