With the increasing trend of adopting containerised solution for cloud-based infrastructures, it is becoming increasingly important to pay appropriate attention to the security risks that usually characterise virtualised solutions using container technologies such as Docker. We have recently finished another successful project with our collaborators from Defence Science and Technology Group (DST). This project was focused on identifing and understanding the isolation mechanisms used for containerised technologies. We are glad to share the technical report on this topic with those who are interested in building and operating containerised security-sensitive private cloud. The title of the report is, Understanding Container Isolation Mechanisms for Building Security-Sensitive Private Cloud, and abstract of the report has been copied from the report below for ease of access. This project has been carried out with Ben Ramsey. “Security is one of the key factors of consideration for a cloud-based Information and Communication Technology (ICT) infrastructure or applications. The security of a cloud deployment is dependant upon the security of each of the deployed components. This leads to the need for an overview of the security of the containerised technologies that are available to be deployed on a cloud infrastructure. In this second volume of our report on secure and private cloud for submarine mission systems, we report the findings from our study of container technologies; we will be covering the evaluation procedure, each of the container technologies architecture, the isolation mechanisms that are employed in the technologies, how each isolation mechanism is utilised by the container technologies, and suggestions for improvements to the isolation of each technology based on their weaknesses.
There are some major challenges faced while performing this form of analysis of different open source technologies. One primary one is that in open source technologies the documentation has a tendency to be out-of-date, incomplete, or created as a sales pitch for the technology. This can lead to statements within the documentation being misleading and as these technologies are open source the liability will be on the user of the technology. This lead to the analysis needing to be done by verifying each claim of an isolation related mechanism or feature which can be challenging as some of the features claimed are found in other technologies the analysed technology is dependent on.
Our primary finding from analysing the isolation levels of the container technologies is that each of the technologies have their own strengths and weaknesses in terms of isolation. In terms of overall security LXD can be considered the most secure due to the fully unprivileged containers able to be run, however this still has weaknesses, which are covered by other technologies. This shows that in order to select the correct technology for usage, the requirements for the actual workloads need to be considered.
In addition to our findings, this volume has allowed us to identify some key areas of future work in regards to security of container technologies. Some of the key areas include but are not limited to content trust systems, secure container communication protocols, and secure application containerisation processes and deployment.
This volume and its findings are to assist practitioners in the selection of container technologies to utilise for their particular use case by giving a sufficient understanding of the security risks and requirements of each of the technologies being analysed.”