To Docker or Not to Docker: A Security Perspective

Top Cited Papers

11 November 2016

journal article
Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Cloud Computing

Vol. 3 (5), 54-62
https://doi.org/10.1109/mcc.2016.100

Abstract

The need for ever-shorter development cycles, continuous delivery, and cost savings in cloud-based infrastructures led to the rise of containers, which are more flexible than virtual machines and provide near-native performance. Among all container solutions, Docker, a complete packaging and software delivery tool, currently leads the market. This article gives an overview of the container ecosystem and discusses the Docker environment's security implications through realistic use cases. The authors define an adversary model, point out several vulnerabilities affecting current Docker usage, and discuss further research directions.

Keywords

This publication has 5 references indexed in Scilit:

Virtualization and Cloud Security: Benefits, Caveats, and Future Developments
Published by Springer Science and Business Media LLC ,2014
Security of OS-Level Virtualization Technologies
Published by Springer Science and Business Media LLC ,2014
Performance Evaluation of Container-Based Virtualization for High Performance Computing Environments
Published by Institute of Electrical and Electronics Engineers (IEEE) ,2013
Survivable key compromise in software update systems
Published by Association for Computing Machinery (ACM) ,2010
A look in the mirror
Published by Association for Computing Machinery (ACM) ,2008

Cited by 161 articles