Songi Gwak, Thien-Phuc Doan, Souhwan Jung*
Intelligent Automation & Soft Computing, Vol.37, No.2, pp. 1773-1786, 2023, DOI:10.32604/iasc.2023.039565
Abstract Containerization is a fundamental component of modern cloud-native infrastructure, and Kubernetes is a prominent platform of container orchestration systems. However, containerization raises significant security concerns due to the nature of sharing a kernel among multiple containers, which can lead to container breakout or privilege escalation. Kubernetes cannot avoid it as well. While various tools, such as container image scanning and configuration checking, can mitigate container workload vulnerabilities, these are not foolproof and cannot guarantee perfect isolation or prevent every active threat in runtime. As such, a policy enforcement solution is required to tackle the problem, and existing solutions based on… More >
Login
Register
