Article

Container security: Precaution levels, mitigation strategies, and research perspectives

Journal

COMPUTERS & SECURITY
Volume 135, Issue -, Pages -

Publisher

ELSEVIER ADVANCED TECHNOLOGY
DOI: 10.1016/j.cose.2023.103490

Keywords

Microservices; Software development; Container security-root-based and rootless; Threat modeling-attack trees; DREAD

The enterprise technique for application deployment has undergone a major transformation with the use of containers and microservices, enabling faster and more effective development and deployment of applications. However, container security requires threat modeling and security analysis to protect against attacks.
The enterprise technique for application deployment has undergone a major transformation during the past two decades. Using conventional techniques, software developers write code in a particular computing environment, frequently leading to mistakes and defects when moving it to a new computing environment. However, during the past few years, enterprises have begun to use containers and microservices to segregate infrastructure in a particular perspective and develop new models of the technology stack. Software developers could construct and deploy apps more quickly and effectively now, thanks to containerization. Despite the fact that containers have their own namespace, it is still feasible for a containerized image to attack the host system by inserting malicious software into it. This necessitates threat modeling of the container life span. During the investigation, we were able to create the elemental systematic modelling that identifies threats pertaining to container application workflow and its preliminary mitigation techniques, where attack trees are defined alongside the model, which helps academics and enthusiasts better comprehend the significance of container security. We utilize the well-known threat modeling framework, DREAD, to further advance threat modeling across the infrastructure of containers that aids in prioritizing the risks. Additionally, tools for assessing container vulnerabilities and discrete real-world exploits were researched, and approaches for security analysis in container technology were compared to the existing literature. Finally, this study brings to a conclusion by outlining the state-of-the-art survey for future research and identifying potential research topics in server-based and serverless containers.
