Security Consideration of Each Layers in a Cloud-Native Environment

  • Conference paper
Mobile Internet Security (MobiSec 2022)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 1644)

Abstract

With the advent of 5G environments, the importance of ‘Cloud Native’ is increasing. Cloud native refers to an approach to building and running applications that uses a cloud computing delivery model instead of an on-premise data center. Cloud native takes full advantage of the cloud’s strengths, including scalability, buildability, manageability, and unlimited on-demand computing power. To this end, it adopts a microservices structure, dividing the application into as few units as possible and having these granular units run as containers. In addition, cloud-native systems aim to reduce productivity, business agility, and cost by introducing a DevOps strategy and agile methodology for immediate service execution and frequent, continuous upgrades according to market and service demands, and applying them to software development. In this regard, containers, which are a core component of cloud native, offer advantages in efficiency and scalability, as virtualized objects are light and can be executed quickly. However, their security may be relatively weak compared to virtual machines with independent operating systems. In this paper, we explore security threats and solutions for container platforms, focusing on ‘cloud native security’ as defined by the Cloud Native Computing Foundation.

Acknowledgements

This work was supported by Institute of Information & communications Technology Planning & Evaluation (IITP) grant funded by the Korea government (MSIT) (No. 2020-0-00952, Development of 5G Edge Security Technology for Ensuring 5G+ Service Stability and Availability).

Corresponding author

Correspondence to Youngsoo Kim.

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Kim, Y., Park, C., Shin, Yy. (2023). Security Consideration of Each Layers in a Cloud-Native Environment. In: You, I., Kim, H., Angin, P. (eds) Mobile Internet Security. MobiSec 2022. Communications in Computer and Information Science, vol 1644. Springer, Singapore. https://doi.org/10.1007/978-981-99-4430-9_17

  • DOI: https://doi.org/10.1007/978-981-99-4430-9_17

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-99-4429-3

  • Online ISBN: 978-981-99-4430-9

  • eBook Packages: Computer Science (R0)
