Zero Trust Container Architecture (ZTCA)

Leahy, Darragh; Thorpe, Christina

doi:10.34190/iccws.17.1.35

Cited by 3 publications

(3 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Regarding Docker, Petazzoni [31] warned about using Docker-in-Docker as it requires privileged container which makes it easier to attack the host system. Zero Trust Container Architecture [32] encourages to always consider the code within the container as potentially malicious, asking to higher level of security. In the following section we describe our approach to target container-based CI systems.…”

Section: Related Workmentioning

confidence: 99%

Reflections on Trusting Docker: Invisible Malware in Continuous Integration Systems

Florent

Ilmari

Lucas

et al. 2023

2023 IEEE Security and Privacy Workshops (SPW)

View full text Add to dashboard Cite

Continuous integration (CI) is a widely adopted methodology for supporting software development. It provides automated generation of artifacts (e.g., binaries, container images) which are then deployed in production. However, to which extent should you trust the generated artifacts even if the source code is clean of malicious code? Revisiting the famous compiler backdoor from Ken Thompson, we show that a container-based CI system can be compromised without leaving any trace in the source code. Therefore, detecting such malware is challenging or even impossible with common practices such as peer review or static code analysis. We detail multiple ways to do the initial infection process. Then, we show how to persist during CI system updates, allowing long-term compromise. We detail possible malicious attack payloads such as sensitive data extraction or backdooring production software. We show that infected CI systems can be remotely controlled using covert channels to update attack payload or adapt malware to mitigation strategies. Finally, we propose a proof of concept implementation tested on GitLab CI and applicable to major CI providers. RulesKnowledge Input Output '\v' X X '\v' == '11' '\v' == '11' '\v' == '11' X '\v' '\v' '\v' '|' '|'

show abstract

Section: Related Workmentioning

confidence: 99%

Reflections on Trusting Docker: Invisible Malware in Continuous Integration Systems

Florent

Ilmari

Lucas

et al. 2023

2023 IEEE Security and Privacy Workshops (SPW)

View full text Add to dashboard Cite

show abstract

“…As a critical technology in networks, the security of Docker deployments is noteworthy. Leahy et al [37] investigated the security state of Docker containers deployed by default on Linux from a containerisation perspective and proposed a zero trust container architecture (ZTCA). The ZTCA builds on the strategic ideas and principles of the ZTA and successfully demonstrates that the zero trust principle can censor and secure a wide range of Docker use cases to ensure the security of Docker deployment.…”

Section: Zero Trust Achievementmentioning

confidence: 99%

Theory and Application of Zero Trust Security: A Brief Survey

Kang,

Liu,

Wang

et al. 2023

Entropy

View full text Add to dashboard Cite

As cross-border access becomes more frequent, traditional perimeter-based network security models can no longer cope with evolving security requirements. Zero trust is a novel paradigm for cybersecurity based on the core concept of “never trust, always verify”. It attempts to protect against security risks related to internal threats by eliminating the demarcations between the internal and external network of traditional network perimeters. Nevertheless, research on the theory and application of zero trust is still in its infancy, and more extensive research is necessary to facilitate a deeper understanding of the paradigm in academia and the industry. In this paper, trust in cybersecurity is discussed, following which the origin, concepts, and principles related to zero trust are elaborated on. The characteristics, strengths, and weaknesses of the existing research are analysed in the context of zero trust achievements and their technical applications in Cloud and IoT environments. Finally, to support the development and application of zero trust in the future, the concept and its current challenges are analysed.

show abstract

“…Applying Zero Trust Containers Architecture (ZTCA) [32] to secure docker containers was proposed by Darragh Leahy et al [33]. Initially, the authors investigated the security state of a default deployment of the docker container engine on Linux and analyzed how the Zero Trust containers Architecture can be extended beyond the networking to secure docker deployments.…”

Section: Related Workmentioning

confidence: 99%

High-Secured Data Communication for Cloud Enabled Secure Docker Image Sharing Technique Using Blockchain-Based Homomorphic Encryption

Kaliappan

Rajasoundaran

et al. 2022

Energies

View full text Add to dashboard Cite

In recent years, container-based virtualization technology for edge and cloud computing has advanced dramatically. Virtualization solutions based on Docker Containers provide a more lightweight and efficient virtual environment for Edge and cloud-based applications. Because their use is growing on its own and is still in its early phases, these technologies will face a slew of security issues. Vulnerabilities and malware in Docker container images are two serious security concerns. The risk of privilege escalation is increased because Docker containers share the Linux kernel. This study presents a distributed system framework called Safe Docker Image Sharing with Homomorphic Encryption and Blockchain (SeDIS-HEB). Through homomorphic encryption, authentication, and access management, SeDIS-HEB provides secure docker image sharing. The SeDIS-HEB framework prioritizes the following three major functions: (1) secure docker image upload, (2) secure docker image sharing, and (3) secure docker image download. The proposed framework was evaluated using the InterPlanetary File System (IPFS). Secure Docker images were uploaded using IPFS, preventing unauthorized users from accessing the data contained within the secure Docker images. The SeDIS-HEB results were transparent and ensured the quality of blockchain data access control authentication, docker image metadata denial-of-service protection, and docker image availability.

show abstract

Zero Trust Container Architecture (ZTCA)

Cited by 3 publications

References 5 publications

Reflections on Trusting Docker: Invisible Malware in Continuous Integration Systems

Reflections on Trusting Docker: Invisible Malware in Continuous Integration Systems

Theory and Application of Zero Trust Security: A Brief Survey

High-Secured Data Communication for Cloud Enabled Secure Docker Image Sharing Technique Using Blockchain-Based Homomorphic Encryption

Contact Info

Product

Resources

About