Show simple item record

AuthorAlyas, Tahir
AuthorAli, Sikandar
AuthorKhan, Habib Ullah
AuthorSamad, Ali
AuthorAlissa, Khalid
AuthorSaleem, Muhammad Asif
Available date2022-12-26T08:22:43Z
Publication Date2022-08-10
Publication NameSecurity and Communication Networks
Identifierhttp://dx.doi.org/10.1155/2022/6819002
CitationAlyas, T., Ali, S., Khan, H. U., Samad, A., Alissa, K., & Saleem, M. A. (2022). Container Performance and Vulnerability Management for Container Security Using Docker Engine. Security and Communication Networks, 2022.
ISSN1939-0114
URIhttps://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=85136485432&origin=inward
URIhttp://hdl.handle.net/10576/37584
AbstractContainers have evolved to support microservice architecture as a low-cost alternative to virtual machines. Containers are increasingly prevalent in the virtualization landscape because of better working; containers can bear considerably less overhead than the conventional hypervisor-based component virtual machines. However, containers directly communicate with the host kernel, and attackers can co-locate containers in the host system quicker than virtual machines. This causes significant security issues in container technology. The security hardening system is currently targeted at implementing universal access management regulations that make it difficult to assess the required procedure for accessing containers. Security mechanisms include an explicit awareness of the purpose and actions of the container and entail manual interaction and configuration. A user-friendly container protection scheme implemented an access policy to comply with its anticipated and legitimate application performance. In this study, container technology constraints have been overcome by proposing a unique Docker-sec mechanism. Docker-sec uses four mechanisms; the original collection has been improved during container runtime by additional rules that constrain the capacity of the container, further representing the applications in practice, file system, processes, network isolation, and vulnerability scanning of Docker images over different workload. Different vulnerabilities have been scanned with a CVE severity level. Results showed that inter-container communication with the system is more secure containers from zero vulnerabilities with an overhead of 3.45%.
SponsorQatar University Internal Grant - No. IRCC-2021-010.
Languageen
PublisherWiley
SubjectCloud computing
Security Vulnerabilities
Virtualization technology
Dynamic monitoring
TitleContainer Performance and Vulnerability Management for Container Security Using Docker Engine
TypeArticle
Volume Number2022
ESSN1939-0122
dc.accessType Open Access


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record