Docker and Kubernetes in high security environments

Docker and Kubernetes in high security environments

  • January 29, 2019
Table of Contents

Docker and Kubernetes in high security environments

This is brief summary of parts of my master’s thesis and the conclusions to draw from it. This medium-story focuses on containerized application isolation. The thesis also covers segmentation of cluster networks in Kubernetes which is not discussed in this story.

You can read my full thesis here; it’s available through open access:Container Orchestration in Security Demanding Environments at the Swedish Police Authority.

Source: medium.com

Share :
comments powered by Disqus

Related Posts

Running Kubernetes in the Federal Government

Running Kubernetes in the Federal Government

Tackling security compliance is a long and challenging process for agencies, systems integrators, and vendors trying to launch new information systems in the federal government. Each new information system must go through the Risk Management Framework (RMF) created by the National Institute of Standards and Technology (NIST) in order to obtain authority to operate (ATO). This process is often long and tedious and can last for over a year.

Read More
CVE-2018-18264 Privilege escalation through Kubernetes dashboard

CVE-2018-18264 Privilege escalation through Kubernetes dashboard

A recently disclosed vulnerability in Kubernetes dashboard (CVE-2018-18264) exposes secrets to unauthenticated users. In this blog post we’ll explore some key takeaways regarding monitoring privilege escalation on Kubernetes. The Kubernetes dashboard is a web based user interface that allows users to manage applications and resources within the cluster.

Read More
Reaching for the Stars with Ansible Operator

Reaching for the Stars with Ansible Operator

In this post I will show you how to use Roles published to Ansible Galaxy as an Operator to manage an application in Kubernetes. Reusing a Role in this way provides an example of how to create an Operator that simply installs an application with the flexibility to expand and customize the behavior organically as requirements dictate. I will leverage both the Ansible Operator and the k8s module to demonstrate how you can use Ansible to create Kubernetes native applications.

Read More