Abstract
In this research we introduce a new way for container based virtualization to be used in a highly secure fashion. As the industry requires for condensing enterprise infrastructure, the need to use virtualization technologies is becoming a necessity. In the realm of virtualization technologies there are many popular hypervisors (also called Virtual Machine Manager, or VMM), but they all fall short in terms of performance when compared to container based virtualization technologies. However, the virtualization technologies that utilize containers often become victims to security vulnerabilities in ways that hypervisors are abstracted away from. In this paper we introduce a security mechanism that can be used to thwart the shortcomings of popular container based virtualization technologies. We incorporate SELinux along with Linux Containers (LXC) that make use of a recent Linux kernel feature called cgroups. It shows that by incorporating these two technologies we are able to achieve both high level of security and high performance environment where container based virtual servers can run and be utilized for the enterprise.
Original language | American English |
---|---|
State | Published - Jul 16 2012 |
Event | International Conference on Security and Management (SAM) - Las Vegas, NV Duration: Jul 16 2012 → … |
Conference
Conference | International Conference on Security and Management (SAM) |
---|---|
Period | 07/16/12 → … |
Keywords
- Containers
- High performance
- Security
- Virtual containers
DC Disciplines
- Databases and Information Systems