DockerPolicyModules: Mandatory Access Control for Docker Containers

被引:0
|
作者
Bacis, Enrico [1 ]
Mutti, Simone [1 ]
Capelli, Steven [1 ]
Paraboschi, Stefano [1 ]
机构
[1] Univ Bergamo, DIGIP, Bergamo, Italy
来源
2015 IEEE CONFERENCE ON COMMUNICATIONS AND NETWORK SECURITY (CNS) | 2015年
关键词
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
The wide adoption of Docker and the ability to retrieve images from different sources impose strict security constraints. Docker leverages Linux kernel security facilities, such as namespaces, cgroups and Mandatory Access Control, to guarantee an effective isolation of containers. In order to increase Docker security and flexibility, we propose an extension to the Dockerfile format to let image maintainers ship a specific SELinux policy for the processes that run in a Docker image, enhancing the security of containers.
引用
收藏
页码:749 / 750
页数:2
相关论文
共 50 条
  • [1] GO-Docker A batch scheduling system with Docker containers
    Sallou, Olivier
    Monjeaud, Cyril
    2015 IEEE INTERNATIONAL CONFERENCE ON CLUSTER COMPUTING - CLUSTER 2015, 2015, : 514 - 515
  • [2] A MEC-assisted Vehicle Platooning Control through Docker Containers
    Dabbene, Salvatore
    Lehmann, Christopher
    Campolo, Claudia
    Molinaro, Antonella
    Fitzek, Frank H. P.
    2020 IEEE 3RD CONNECTED AND AUTOMATED VEHICLES SYMPOSIUM (CAVS), 2020,
  • [3] Network Quality of Service in Docker Containers
    Dusia, Ayush
    Yang, Yang
    Taufer, Michela
    2015 IEEE INTERNATIONAL CONFERENCE ON CLUSTER COMPUTING - CLUSTER 2015, 2015, : 527 - 528
  • [4] Orchestrating Docker Containers in the HPC Environment
    Higgins, Joshua
    Holmes, Violeta
    Venters, Colin
    HIGH PERFORMANCE COMPUTING, ISC HIGH PERFORMANCE 2015, 2015, 9137 : 506 - 513
  • [5] Monitoring the Energy Consumption of Docker Containers
    Warade, Mehul
    Lee, Kevin
    Ranaweera, Chathurika
    Schneider, Jean-Guy
    2023 IEEE 47TH ANNUAL COMPUTERS, SOFTWARE, AND APPLICATIONS CONFERENCE, COMPSAC, 2023, : 1703 - 1710
  • [6] An Introduction to Rocker: Docker Containers for R
    Boettiger, Carl
    Eddelbuettel, Dirk
    R JOURNAL, 2017, 9 (02): : 527 - 536
  • [7] Assessing the Performance of Docker in Docker Containers for Microservice-based Architectures
    Bedinotto Fava, Felipe
    Laviola Leite, Luiz Felipe
    Alves da Silva, Luis Fernando
    da Silva Amalfi Costa, Pedro Ramires
    Diniz Nogueira, Angelo Gaspar
    Gobus Lopes, Amanda Fagundes
    Schepke, Claudio
    Luis Kreutz, Diego
    Brandao Mansilha, Rodrigo
    2024 32ND EUROMICRO INTERNATIONAL CONFERENCE ON PARALLEL, DISTRIBUTED AND NETWORK-BASED PROCESSING, PDP 2024, 2024, : 137 - 142
  • [8] Exploring Docker Containers for Time-sensitive Applications in Networked Control Systems
    Sollfrank, Michael
    Loch, Frieder
    Vogel-Heuser, Birgit
    2019 IEEE 17TH INTERNATIONAL CONFERENCE ON INDUSTRIAL INFORMATICS (INDIN), 2019, : 1760 - 1765
  • [9] A Dynamic Mandatory Access Control Model
    Jafarian, Jafar Haadi
    Amini, Morteza
    Jalili, Rasool
    ADVANCES IN COMPUTER SCIENCE AND ENGINEERING, 2008, 6 : 862 - 866
  • [10] Mandatory access control in clustered servers
    Zakrzewski, M
    7TH WORLD MULTICONFERENCE ON SYSTEMICS, CYBERNETICS AND INFORMATICS, VOL XVI, PROCEEDINGS: SYSTEMICS AND INFORMATION SYSTEMS, TECHNOLOGIES AND APPLICATION, 2003, : 143 - 149
12345