Biblio

Compared with other virtualization technologies, container technology is widely used in edge computing because of its low cost, high reliability, high flexibility and fast portability. However, the use of container technology can alleviate the pressure of massive data, but also bring complex and diverse security problems. Reliable information security risk assessment method is the key to ensure the smooth application of container technology. According to the risk assessment theory, a security risk assessment method for edge computing containers based on dynamic game theory is proposed. Aiming at the complex container security attack and defense process, the container system's security model is constructed based on dynamic game theory. By combining the attack and defense matrix, the Nash equilibrium solution of the model is calculated, and the dynamic process of the mutual game between security defense and malicious attackers is analyzed. By solving the feedback Nash equilibrium solution of the model, the optimal strategies of the attackers are calculated. Finally, the simulation tool is used to solve the feedback Nash equilibrium solution of the two players in the proposed model, and the experimental environment verifies the usability of the risk assessment method.

In a cloud data center, the client requests are catered by placing the services in its servers. Such services are deployed through a sandboxing platform to ensure proper isolation among services from different users. Due to the lightweight nature, containers have become increasingly popular to support such sandboxing. However, for supporting effective and efficient data center resource usage with minimum resource footprints, improving the containers' consolidation ratio is significant for the cloud service providers. Towards this end, in this paper, we propose an exciting direction to significantly boost up the consolidation ratio of a data-center environment by effectively managing the containers' states. We observe that many cloud-based application services are event-triggered, so they remain inactive unless some external service request comes. We exploit the fact that the containers remain in an idle state when the underlying service is not active, and thus such idle containers can be checkpointed unless an external service request comes. However, the challenge here is to design an efficient mechanism such that an idle container can be resumed quickly to prevent the loss of the application's quality of service (QoS). We have implemented the system, and the evaluation is performed in Amazon Elastic Compute Cloud. The experimental results have shown that the proposed algorithm can manage the containers' states, ensuring the increase of consolidation ratio.

Containerization technology becomes one of alternatives in virtualization. Docker requires docker daemon to build, distribute and run the container and this makes the docker vulnerable to an attack surface called Docker daemon Attack Surface - an attack against docker daemon taking over the access (root). Using rootless mode is one way to prevent the attack. Therefore, this research demonstrates the attack prevention by making and running the docker container in the rootless mode. The success of the attack can be proven when the user is able to access the file /etc/shadow that is supposed to be only accessible for the rooted users. Findings of this research demonstrated that the file is inaccessible when the docker is run using the rootless mode. CPU usage is measured when the attack is being simulated using the docker run through root privileges and rootless mode, to identify whether the use of rootless mode in the docker adds the load of CPU usage and to what extent its increased. Results showed that the CPU use was 39% when using the docker with the rootless mode. Meanwhile, using the docker with the right of the root access was only 0%. The increase of 39% is commensurate with the benefit that can prevent the docker daemon attack surface.

Lightweight virtualization represented by container technology provides a virtual environment for cloud services with more flexibility and efficiency due to the kernel-sharing property. However, the shared kernel also means that the system isolation mechanisms are incomplete. Attackers can scan the shared system configuration files to explore vulnerabilities for launching attacks. Previous works mainly eliminate the problem by fixing operating systems or using access control policies, but these methods require significant modifications and cannot meet the security needs of individual containers accurately. In this paper, we present ConfigRand, a moving target defense framework to prevent the information leakages due to the shared kernel in the container-based cloud. The ConfigRand deploys deceptive system configurations for each container, bounding the scan of attackers aimed at the shared kernel. In design of ConfigRand, we (1) propose a framework applying the moving target defense philosophy to periodically generate, distribute, and deploy the deceptive system configurations in the container-based cloud; (2) establish a model to formalize these configurations and quantify their heterogeneity; (3) present a configuration movement strategy to evaluate and optimize the variation of configurations. The results show that ConfigRand can effectively prevent the information leakages due to the shared kernel and apply to typical container applications with minimal system modification and performance degradation.

Cloud-based infrastructures have grown in popularity over the last decade leveraging virtualisation, server, storage, compute power and network components to develop flexible applications. The requirements for instantaneous deployment and reduced costs have led the shift from virtual machine deployment to containerisation, increasing the overall flexibility of applications and increasing performances. However, containers require a fully fleshed operating system to execute, increasing the attack surface of an application. Unikernels, on the other hand, provide a lightweight memory footprint, ease of application packaging and reduced start-up times. Moreover, Unikernels reduce the attack surface due to the self-contained environment only enabling low-level features. In this work, we provide an exhaustive description of the unikernel ecosystem; we demonstrate unikernel vulnerabilities and further discuss the security implications of Unikernel-enabled environments through different use-cases.

The following topics are dealt with: cloud computing; software defined networking; cryptography; telecommunication traffic; Internet of Things; authorisation; software radio; cryptocurrencies; data privacy; learning (artificial intelligence).

When disasters occur, they not only affect the human life. Therefore, communication in disaster management is very important. During the disaster recovery phase, the network infrastructure may be partially fragmented and mobile rescue operations may involve many teams with different roles which can dynamically change. Therefore, disaster management services require high flexibility both in terms of network infrastructure management and rescue group communication. Existing studies have shown that IP-based or traditional telephony solutions are not well-suited to deal with such flexible group communication and network management due to their connection-oriented communication, no built-in support for mobile devices, and no mechanism for network fragmentation. Recent studies show that information-centric networking offers scalable and flexible communication based on its name-based interest-oriented communication approach. However, considering the difficulty of deploying a new service on the existing network, the programmability and virtualization of the network are required. This paper presents our implementation of an information-centric disaster management system based on network function virtualization (vICSNF). We show a proof-of-concept system with a case study for Seoul disaster management services. The system achieves flexibility both in terms of network infrastructure management and rescue group communication. Obtained testbed results show that vICSNF achieves a low communication overhead compared to the IP-based approach and the auto-configuration of vICSNFs enables the quick deployment for disaster management services in disaster scenarios.

While the IT industry is embracing the cloud-native technologies, migrating from monolithic architecture to service-oriented architecture is not a trivial process. It involves a lot of dissection and abstraction. The layer of abstraction designed for simplifying the development quickly becomes the barrier of visibility and the source of misconfigurations. The complexity may give microservices a larger attack surface compared to monolithic applications. This talk presents a microservices threat modeling that uncovers the attack vectors hidden in each abstraction layer. Scenarios of security breaches in microservices platforms are discussed, followed by the countermeasures to close these attack vectors. Finally, a decision-making process for architecting secure microservices is presented.

Cloud use for High Performance Computing (HPC) and High Performance Data Analytics (HPDA) is increasing. The data are transferred to the cloud and usually left there even after the data being processed. There is security concern for such data being left online. We propose secure staging system to prepare not only data but also computing platform for processing the data dynamically just while the data is processed. The data plane of the secure staging system has dynamic reconfigurability with several lower-than-IP-layer partitioning mechanisms. The control plane consists of a scheduler and a resource provisioner working together to reconfigure the partitioning in the data plane dynamically. A field trial system is deployed for treating secure data in dental school to be processed in the computer center with the location distance of 1km. The system shows high score in the Common Vulnerability Scoring System (CVSS) evaluation.

Linux container mechanism has attracted a lot of attention and is increasingly utilized to deploy industry applications. Though it is a consensus that the container mechanism is not secure due to the kernel-sharing property, it lacks a concrete and systematical evaluation on its security using real world exploits. In this paper, we collect an attack dataset including 223 exploits that are effective on the container platform, and classify them into different categories using a two-dimensional attack taxonomy. Then we evaluate the security of existing Linux container mechanism using 88 typical exploits filtered out from the dataset. We find 50 (56.82%) exploits can successfully launch attacks from inside the container with the default configuration. Since the privilege escalation exploits can completely disable the container protection mechanism, we conduct an in-depth analysis on these exploits. We find the kernel security mechanisms such as Capability, Seccomp, and MAC play a more important role in preventing privilege escalation than the container isolation mechanisms (i.e., Namespace and Cgroup). However, the interdependence and mutual-influence relationship among these kernel security mechanisms may make them fall into the "short board effect" and impair their protection capability. By studying the 11 exploits that still can successfully break the isolation provided by container and achieve privilege escalation, we identify a common 4-step attack model followed by all 11 exploits. Finally, we propose a defense mechanism to effectively defeat those identified privilege escalation attacks.

Feature of modern scientific information systems is their integration with computing applications, providing distributed computer simulation and intellectual processing of Big Data using high-efficiency computing. Often these software systems include legacy applications in different programming languages, with non-standardized interfaces. To solve the problem of applications integration, containerization systems are using that allow to configure environment in the shortest time to deploy software system. However, there are no such systems for computer simulation systems with large number of nodes. The article considers the actual task of combining containers into a cluster, integrating legacy applications to manage the distributed software system MD-SLAG-MELT v.14, which supports high-performance computing and visualization of the computer experiments results. Testing results of the container cluster including automatic load sharing module for MD-SLAG-MELT system v.14. are given.

The Agave Platform first appeared in 2011 as a pilot project for the iPlant Collaborative [11]. In its first two years, Foundation saw over 40% growth per month, supporting 1000+ clients, 600+ applications, 4 HPC systems at 3 centers across the US. It also gained users outside of plant biology. To better serve the needs of the general open science community, we rewrote Foundation as a scalable, cloud native application and named it the Agave Platform. In this paper we present the Agave Platform, a Science-as-a-Service (ScaaS) platform for reproducible science. We provide a brief history and technical overview of the project, and highlight three case studies leveraging the platform to create synergistic value for their users.