Orchestrated container virtualization, such as Docker/Kubernetes, is an attractive option to transfer complex IT ecosystems into the cloud. However, this is associated with new challenges for IT security. Containers store sensitive data with the code. The orchestration decides at run-time which containers are executed on which host. Application code is obtained as images from external sources at run-time. Typically, the operator of the cloud is not the owner of the data. Therefore, the configuration of the orchestration is critical, and an attractive target for attackers. A prominent option to secure IT infrastructures is to use security guidelines from agencies, such as Germany’s Federal Office for Information Security. In this work, we analyze the module ”SYS.1.6 Container” from this agency. We want to find out how suitable this module is to secure a typical Kubernetes scenario. Our scenario is a classical 3-tier architecture with front end, business logic and databaseback end. We show that with orchestration, the protection needs for the entire Kubernetes cluster in terms of confidentiality, integrity and availability automatically become ”high” as soon as a sensitive data object is processed or stored in any container. Our analysis has shown that the SYS.1.6 module is generally suitable. However, we have identified three additional threats. Two of them could be exploited automatically, as soon as a respective vulnerability in Docker/Kubernetes appears.
| Identifer | oai:union.ndltd.org:DRESDEN/oai:qucosa:de:qucosa:73371 |
| Date | 28 January 2021 |
| Creators | Haar, Christoph, Buchmann, Erik |
| Publisher | Hochschule für Telekommunikation |
| Source Sets | Hochschulschriftenserver (HSSS) der SLUB Dresden |
| Language | English |
| Detected Language | English |
| Type | info:eu-repo/semantics/updatedVersion, doc-type:conferenceObject, info:eu-repo/semantics/conferenceObject, doc-type:Text |
| Rights | info:eu-repo/semantics/openAccess |
Page generated in 0.0017 seconds