The National Institute of Standards and Technology (NIST) [7] has provided a catalog of two hundred twenty four security and privacy controls for federal information systems and organizations and a process for selecting controls to protect organizational operations. These controls are access controls, audit and accountability, security assessment and authorization, identification and authentication, incident response, personnel security, risk assessment, system and communications protection, and system and information integrity, etc. Open Security Controls Assessment Language (OSCAL) [8] is attempting to address several challenges around security controls and security control assessment developed by NIST.

NIST [9] has published a guidance on application container security outlining the challenges and recommendations for addressing these challenges. Container technology risk is described at five major levels which are image risk, registry risk, orchestrator risk, container risk, and host OS risk. Recommendations to counter the attacks due to exploitation of these risks are: (a) using container-specific host OS to avoid large attack surfaces, (b) using separate hosts for different groups of containers, (d) adoption of container-specific vulnerability management tools, (e) the use of hardware-based countermeasures, and (f) the use of container-aware runtime defense tools. Five phases have been discussed for the security of container technology- initiation phase, planning and design phase, implementation phase, operations, and maintenance phase, and disposition phase.

Containers share the same host kernel, which can be the single point of failure for system breakout. Mouat [10] has suggested some mechanism to secure containerized environment such as running containers in virtual machine (VM), using minimum resources (process not running in container as a root, enabling file-system as read only etc.), using separate Docker host in multi-tenancy environment, image labeling, avoiding unsupported drivers, image provenance (cryptographic signing), reproducible and Trustworthy Dockerfiles, running regular auditing, incident response (Ex. Docker diff, logs, commit). Mouat has discussed the following challenges to Docker security such as kernel exploits, denial of service attacks, container breakouts (privilege escalation attacks), poisoned images (host and data are at risk), and compromising secrets. A list of security mechanism for containerized environment is also suggested such as running containers in a virtual machine (VM), using minimum resources, using separate Docker host in a multi-tenancy environment, image labeling, and image provenance (cryptographic signing), reproducible and Trustworthy Dockerfiles, and running regular auditing, and incident response.

Reshetova et al. [11] have discussed the security issues and solutions of OS-level virtualization. An attack model is discussed in a containerized environment that results in unauthorized data access, control flow error, denial of services, and privilege escalation. Feature of container-based OS (FreeBSD, Linux-VServer, OpenVZ, etc.) is described along with its container management capabilities. Security requirements of container technology are discussed in detail, including isolation of process, file system, network, and devices. This study highlights the critical challenges of the container ecosystem from a security perspective that need a solution.

Bui [12] has presented a study on Docker internal security and its Linux based security features. Denial of service and privilege escalation attacks are discussed and their countermeasures such as isolation of process, filesystem, and device, limiting inter-process communication and network access, and finally specifying limits on the usage of resources are described. As Docker is based on the Linux system, Bui’s study also includes Linux features. Features of Linux security products such as SELinux and AppArmor are also discussed as these features are built into the Linux.

Combe et al. [13] have presented an overview of Docker, its functionality, and security challenges. The authors explained the base of Docker security as isolation of processes, kernel security modules, and network security. Challenges of Docker containers discussed include insecure local configuration, malicious images, and weak local access control.

Vulnerability issues

A detail of container vulnerabilities can be found in the National Vulnerability Database (NVD) [14] that can be categorized on the basis of various severity level using the Common Vulnerability Scoring System (CVSS). These vulnerabilities can be further categorized in various types such as: Path traversal, Code injection, Unauthorized modification, Bypassing user authentication, Improper input validation, Deserialization of untrusted Data, Data processing error, etc. Below, the study on the container vulnerability are discussed:

Gummaraju et al. [15] have studied the Docker Hub images and found security vulnerabilities. Official images are analyzed to examine the severity level found in Debian packages, OpenSSL, Ubuntu repositories, etc. Non-official Docker Hub images are also analyzed and seen a higher number of vulnerable images. The authors have discussed the vulnerabilities that result in significant security threats such as privilege escalation and container breakout. Solutions are suggested to scan the images, run them into a virtual machine, and rebuild the image from scratch. Official images need to be updated regularly to remove redundant layers to enhance the Docker ecosystem’s security mechanism.

Mostajeran et al. [16] have proposed a vulnerability analysis and risk assessment model to increase the security strength in container based cloud environment. Authors have focused on the container’s image vulnerability analysis to assess the risk factor involved in the container ecosystem. Docker images such as NGINX, tomcat, and linux packages are analyzed to find the type of attack and its base score. Based on these scores, risk factor is calculated on the scale of 0 to 10. Vulnerable images should be assessed before its download on host system so that containers could be run in safe mode and avoid attacks such as privilege escalation.

Martin et al. [17] have presented a detailed study on the Docker ecosystem’s vulnerability. Authors have discussed the various aspects of container environment such as a comparative study with virtualization technology, unikernel runtime models, supported libraries, Linux containers, dependencies. The strength and weaknesses of Docker containers are also discussed against possible attacks. The usability of Docker Swarm is also presented along with Amazon ECS and Kubernetes orchestration. Vulnerability analysis is studied at various Docker ecosystem components such as insecure system configurations, vulnerable Docker image distribution, Linux kernel vulnerability, and maliciousness of Dockerfiles. The concept of Container-as-a-Service is also discussed in the cloud computing environment with its dependency on virtual machines and automation functionality. Security issues and the forensic aspect of the Docker ecosystem need to be identified and discussed in detail.

Zerouali et al. [18] have presented the study of a security vulnerability in Docker containers. The proposed model is used to analyze only Debian packages of Docker Hub images. Based on the vulnerability database’s historical details and Debian Security Bug Tracker [19], vulnerability analysis is performed. Information such as version name and number, distribution type (testing, stable, old stable), and release date are extracted to compare the attributes available in the database. A bug report is also generated using the Ultimate Debian Database, which is being checked based on the version specification. The proposed study can be extended to other package distributions of Docker images.

Wenhao et al. [20] have discussed the architecture of Docker container and vulnerability issue in it. Docker vulnerabilities are studied in four categories: file system isolation, process and communication, device and host resources, and network and image transmission. The authors have presented Docker and kernel security features, including the network framework, integrity protection, access control, security enhancement mechanism, etc.

Rights and permissions

Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article’s Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article’s Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/.

Disclaimer:

This article is autogenerated using RSS feeds and has not been created or edited by OA JF.

Click here for Source link (https://www.springeropen.com/)