Paper
28 November 2022
PC-TDA: a policy-customized trusted Docker architecture based on attribute-based signature
Jiawei Fu, Chenlin Huang, Jiajian Li, Xiaoda Xie
Proceedings Volume 12503, International Conference on Network Communication and Information Security (ICNCIS 2022); 125030E (2022) https://doi.org/10.1117/12.2657202
Event: International Conference on Network Communication and Information Security (ICNCIS 2022), 2022, Qingdao, China
Abstract
Docker has become the main service deployment mode of cloud platforms because it is lightweight and portable. With the popularity of cloud services, the security of Docker has become an issue of increasing concern. On one hand, Docker's security capability is currently insufficient. Docker is designed to reduce the attack surface mainly by simplifying system functions, and its limited built-in security mechanisms are incapable of controlling runtime security. On the other hand, Docker lacks a mechanism for deploying and enforcing personalized security policies, so it cannot meet users' special security needs for cloud services. Focusing on these problems, this paper proposes a new security-on-demand framework for Docker called a “Policy-Customized Trusted Docker Architecture” (PC-TDA), which forces cloud service providers to provide secure Docker services that satisfy user-customized security policies by introducing an attribute-based encryption mechanism. At the same time, PC-TDA uses an attribute-based signature mechanism to support verification of the security status and security policies of cloud services. PC-TDA is preliminarily implemented on the Kylin cloud, and the verification results show the availability and rationality of the proposed architecture, which can provide greater flexibility for cloud users to control Docker.
© (2022) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Jiawei Fu, Chenlin Huang, Jiajian Li, and Xiaoda Xie "PC-TDA: a policy-customized trusted Docker architecture based on attribute-based signature", Proc. SPIE 12503, International Conference on Network Communication and Information Security (ICNCIS 2022), 125030E (28 November 2022); https://doi.org/10.1117/12.2657202
KEYWORDS
Information security
Clouds
Computer security
Image processing
Network security
Computer architecture
Image enhancement