Abstract
In this research we introduce a new way for container based virtualization to be used in a highly secure fashion. As the industry requires for condensing enterprise infrastructure, the need to use virtualization technologies is becoming a necessity. In the realm of virtualization technologies there are many popular hypervisors (also called Virtual Machine Manager, or VMM), but they all fall short in terms of performance when compared to container based virtualization technologies. However, the virtualization technologies that utilize containers often become victims to security vulnerabilities in ways that hypervisors are abstracted away from. In this paper we introduce a security mechanism that can be used to thwart the shortcomings of popular container based virtualization technologies. We incorporate SELinux along with Linux Containers (LXC) that make use of a recent Linux kernel feature called cgroups. It shows that by incorporating these two technologies we are able to achieve both high level of security and high performance environment where container based virtual servers can run and be utilized for the enterprise.
Original language | American English |
---|---|
Title of host publication | Proceedings of the International Conference on Security and Management |
State | Published - Jul 16 2012 |
Disciplines
- Databases and Information Systems
Keywords
- Containers
- Secure high performance
- Security
- Virtual containers