To Docker or Not to Docker: A Security Perspective
Top Cited Papers
- 11 November 2016
- journal article
- Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Cloud Computing
- Vol. 3 (5), 54-62
- https://doi.org/10.1109/mcc.2016.100
Abstract
The need for ever-shorter development cycles, continuous delivery, and cost savings in cloud-based infrastructures led to the rise of containers, which are more flexible than virtual machines and provide near-native performance. Among all container solutions, Docker, a complete packaging and software delivery tool, currently leads the market. This article gives an overview of the container ecosystem and discusses the Docker environment's security implications through realistic use cases. The authors define an adversary model, point out several vulnerabilities affecting current Docker usage, and discuss further research directions.Keywords
This publication has 5 references indexed in Scilit:
- Virtualization and Cloud Security: Benefits, Caveats, and Future DevelopmentsPublished by Springer Science and Business Media LLC ,2014
- Security of OS-Level Virtualization TechnologiesPublished by Springer Science and Business Media LLC ,2014
- Performance Evaluation of Container-Based Virtualization for High Performance Computing EnvironmentsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2013
- Survivable key compromise in software update systemsPublished by Association for Computing Machinery (ACM) ,2010
- A look in the mirrorPublished by Association for Computing Machinery (ACM) ,2008