Security challenges of microservices

Abstract. Security issues regarding microservice are well researched, however the different security issues and solutions have not been brought together as yet. This study searched through academic databases to find out what security issues and proposed solutions or mitigation methods can be found in existing literature. It found several security issues and methods in literature. Most security issues are raised regarding microservice that externally facing or in open environment. Majority of sources addressed security monitoring and authentication and authorization issues, fewer studies on implementation and bug-related issues such as container implementation and -bugs and some on networking related issues. This study found also that there is some amount of disconnect in literature when it comes to addressing security issues and their solutions and mitigation methods. The study offers a more detailed account of existing microservice security issues and solutions

Lic-Sec: an enhanced AppArmor Docker security profile generator

Along with the rapid development of cloud computing technology, containerization technology has drawn much attention from both industry and academia. In this paper, we perform a comparative measurement analysis of Docker-sec, which is a Linux Security Module proposed in 2018, and a new AppArmor profile generator called Lic-Sec, which combines Docker-sec with a modified version of LiCShield, which is also a Linux Security Module proposed in 2015. Docker-sec and LiCShield can be used to enhance Docker container security based on mandatory access control and allows protection of the container without manually configurations. Lic-Sec brings together their strengths and provides stronger protection. We evaluate the effectiveness and performance of Docker-sec and Lic-Sec by testing them with real-world attacks. We generate an exploit database with 42 exploits effective on Docker containers selected from the latest 400 exploits on Exploit-db. We launch these exploits on containers spawned with Docker-sec and Lic-Sec separately. Our evaluations show that for demanding images, Lic-Sec gives protection for all privilege escalation attacks for which Docker-sec failed to give protection

A Cyber Attack-Resilient Server Using Hybrid Virtualization

AbstractThis paper describes a novel, cyber attack-resilient server using hybrid virtualization that can reduce the downtime of the server and enhance the diversity of operating systems by adding a Linux virtual machine. The hybrid virtualization consists of machine- and application-level virtualization. The prototype system virtualizes a machine using VMware ESXi, while the prototype system virtualizes a server application using Docker on a Linux virtual machine. Docker increases the speed at which a server application starts while requiring fewer resources such as memory and storage. Performance tests showed that the prototype system reduced the downtime of the DNS service by exploiting a vulnerability with no false positive detections compared with our previous work

CONSERVE: A framework for the selection of techniques for monitoring containers security

Context:\ua0Container-based virtualization is gaining popularity in different domains, as it supports continuous development and improves the efficiency and reliability of run-time environments.\ua0Problem:\ua0Different techniques are proposed for monitoring the security of containers. However, there are no guidelines supporting the selection of suitable techniques for the tasks at hand.\ua0Objective:\ua0We aim to support the selection and design of techniques for monitoring container-based virtualization environments.\ua0Approach: First, we review the literature and identify techniques for monitoring containerized environments. Second, we classify these techniques according to a set of categories, such as technical characteristic, applicability, effectiveness, and evaluation. We further detail the pros and cons that are associated with each of the identified techniques.\ua0Result:\ua0As a result, we present CONSERVE, a multi-dimensional decision support framework for an informed and optimal selection of a suitable set of container monitoring techniques to be implemented in different application domains.\ua0Evaluation:\ua0A mix of eighteen researchers and practitioners evaluated the ease of use, understandability, usefulness, efficiency, applicability, and completeness of the framework. The evaluation shows a high level of interest, and points out to potential benefits

Rule-Based Security Monitoring of Containerized Environments

Containers have to be secured in a multi-tenant environment. To secure the use of containerized environments, the effectiveness of a rule-based security monitoring approach have been investigated. The approach of this paper can be used to detect a wide range of potentially malicious behaviour of workloads in containerized environments. Additionally is able to monitor the actual container runtime for misuse and misconfiguration. In order to evaluate the detection capabilities of the open-source tools utilized in a container, various scenarios of undesired behaviour are closely examined. In addition, the performance overhead and functional limitations associated with workload monitoring are discussed. The proposed approach is effective in many of the scenarios examined and its performance overhead is adequate, if appropriate event filtering is applied

Building a Secure Software Supply Chain

Nowadays more and more companies use agile software development to build software in short release cycles. Monolithic applications are split into microservices, which can independently be maintained and deployed by agile teams. Modern platforms like Docker support this process. Docker offers services to containerize such services and orchestrate them in a container cluster. A software supply chain is the umbrella term for the process of developing, automated building and testing, as well as deploying a complete application. By combining a software supply chain and Docker, those processes can be automated in standardized environments. Since Docker is a young technology and software supply chains are critical processes in organizations, security needs to be reviewed. In this work a software supply chain based on Docker is built and a threat modeling process is used to assess its security. The main components are modeled and threats are identified using STRIDE. Afterwards risks are calculated and methods to secure the software supply chain based on security objectives confidentiality, integrity and availability are discussed. As a result, some components require special treatments in security context since they have a high residual risk of being targeted by an attacker. This work can be used as basis to build and secure the main components of a software supply chain. However additional components such as logging, monitoring as well as integration into existing business processes need to be reviewed.Heutzutage nutzen mehr und mehr Firmen agile Softwareentwicklung, um Software in kurzen Release-Zyklen zu entwickeln. Monotlithische Anwendungen werden in Microservices aufgeteilt, welche unabhängig voneinander erstellt und veröffentlicht werden können. Moderne Plattformen wie Docker unterstützen diesen Prozess. Docker bietet Dienste an, um solche Anwendungen in Container zu verpacken und sie auf Container Clustern zu orchestrieren. Eine Software Supply Chain ist der Überbegriff für den Prozess der Herstellung, des automatisierten Bauens und Testens, sowie der Veröffentlichung von Software. Durch die Kombination aus Software Supply Chains und Docker können diese Prozesse in standardisierten Umgebungen automatisiert werden. Da Docker eine junge Technologie ist und Software Supply Chains einen kritischen Prozess im Unternehmen darstellen, muss zunächst die Sicherheit überprüft werden. In dieser Arbeit wird Bedrohungsmodellierung verwendet, um eine Software Supply Chain auf Basis von Docker zu bauen und abzusichern. Die Hauptkomponenten werden modelliert und Bedrohungen mit Hilfe von STRIDE identifiziert. Daraufhin werden Risiken berechnet und Möglichkeiten diskutiert, die Software Supply Chain auf Basis der Sicherheitsziele Vertraulichkeit, Integrität und Verfügbarkeit abzusichern. Als Resultat dieser Arbeit stellte sich heraus, dass einige Komponenten eine spezielle Behandlung im Sicherheitskontext benötigen, da sie über ein hohes Restrisiko verfügen, Ziel eines Angriffes zu werden. Diese Arbeit kann als Basis für den Bau und die Absicherung einer Software Supply Chain genutzt werden. Jedoch müssen zusätzliche Komponenten, wie beispielsweise ein Monitoring- und Logging-Prozess, oder die Integration in bestehende Business-Prozesse überprüft werden