Security concerns around container-based virtualization continue to haunt a promising technology
Container-based virtualization has emerged as one of the top trends in enterprise IT over the last five years. Containers offer a level of flexibility and efficiency that is lacking in Virtual Machines (VMs), allowing cross-platform integration. But in certain crucial respects, containers lack the security of a VM running a dedicated operating system.
Promising Trend and Potential Disaster
A hypervisor-based VM may be used to provide an additional layer of security to a network, as the VM isolates vulnerable resources from hackers. But just how secure containers are remains uncertain. An article in Infosecurity Magazine explains it this way:
“Containers are (also) less isolated from one another. This means that it’s more difficult to ‘talk’ to individual containers, unlike talking to a virtual host. As a result, security teams are not able to see the code that’s running and whether there are any issues with it. This usually means that they are not scanned for vulnerabilities before or after being deployed to production. Indeed, visibility is a key element in the ability to assess risk and build an effective remediation and patching plan.”
There are many unknowns about containers. An Information Week article suggested a scenario in which two or more containers were allowed to share information, in effect, “talk to each other.” What if one of them was loaded with malicious code designed to hunt out the encryption keys embedded in data that it can access? It might lead to a security breach if valuable information (such as passwords) is accessed. Such a method might also allow the hacker to gain knowledge of what is happening inside the container, something that has been considered theoretically impossible because containers are designed to hold each application separate from others. “It's likely,” writes Information Week, “even though no one has done so on the record yet, that someone will find a way for code in one container to snoop on or steal data from another container.”
It is possible to host a container on a hypervisor-based VM to gain additional flexibility and security, but if you want the advantages of direct kernel access you'll need to run everything directly on the server.
Market Leader Building Trust
Container-based virtualization became popular a few years ago when Docker, an open-source tool to create, manage and distribute LXC (Linux) containers, gained a lot of attention by combining different technologies into a powerful virtualization software. Docker allows operators to pack isolated containers more closely into a system to gain greater resource density. Data centers that don’t wish to be encumbered by running a full system VM, want to maximize the use of their server hardware, and get as many applications running as possible, have been turning to Docker for years. Docker is not necessary for running a single container, but managing multiple containerized applications in production is far more complicated. Docker makes it easier for operators to manage and deploy container applications, and for developers to create them.
Yet container architectures such as Docker have been accompanied by security issues, some of which can potentially arise from sharing images. Docker has in the past lacked sufficient mechanisms to verify the authenticity and authorship of downloaded images. It is possible for these to be modified to bypass verification protocols. Part of this issue stems from the habit of many open-source developers of including their personal email information inside their container images, considering it a courtesy to users. Major enterprises often insist that you shouldn’t publish individual company email addresses (especially inside a public image), but the practice persists. A skilled hacker can easily find out if there is someone working on a particular component at a targeted company, thus opening both developer and company to a spear-phishing attack.
Docker has taken steps to address these security issues, but Docker is not the only platform. A TechRepublic article argues that companies should choose their third-party containers carefully:
“With Docker, you can pull down containers from public repositories. This means you are placing your trust in whoever created the container. But how do you know that container was created securely? Even worse, how do you know that container doesn't contain malicious or corrupt files?”
Docker 1.8 introduced a new security feature called Docker Content Trust, allowing users to verify the authenticity, integrity, and publication date of all Docker images available on the Docker Hub Registry.
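The two image-level weaknesses discussed above (base images whose provenance cannot be verified, and contact e-mail addresses embedded in image metadata) can both be caught before an image is built. The following is an added example, not code from the article or from Docker: a POSIX shell lint that flags `FROM` lines referencing a mutable tag instead of an immutable `sha256` digest, and `MAINTAINER`/`LABEL` lines that contain an e-mail address. `trusted_pull` wraps `docker pull` with `DOCKER_CONTENT_TRUST=1`, the environment variable that makes the Docker client enforce Content Trust. The sample Dockerfile, its digest and all names are constructed placeholders.

```shell
#!/bin/sh
# Added example (not from the article or from Docker): lint a Dockerfile for two
# supply-chain weaknesses. The sample Dockerfile, the digest and all names
# are constructed placeholders.

# Constructed sample input: one tag-pinned base image, one digest-pinned base
# image, and two lines that embed e-mail addresses in image metadata.
SAMPLE_DOCKERFILE='FROM ubuntu:20.04
MAINTAINER Jane Doe <jane.doe@example.com>
LABEL org.example.contact="ops@example.com"
RUN apt-get update
FROM nginx@sha256:0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
COPY . /app'

FROM_RE='^[[:space:]]*FROM[[:space:]]'
DIGEST_RE='@sha256:[0-9a-f]{64}'
EMAIL_RE='^[[:space:]]*(MAINTAINER|LABEL)[[:space:]].*[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}'

# Print FROM lines whose image reference is a mutable tag rather than an
# immutable digest; a tag can be re-pointed by whoever controls the repository.
unpinned_from_lines() {
    printf '%s\n' "$1" | grep -E "$FROM_RE" | grep -v -E "$DIGEST_RE" || true
}

# Print MAINTAINER/LABEL lines that embed an e-mail address; the article notes
# these hand a spear-phisher a name and a role at the target company.
email_lines() {
    printf '%s\n' "$1" | grep -E "$EMAIL_RE" || true
}

# Counts of each finding class (0 when there are none).
count_unpinned_from() { unpinned_from_lines "$1" | grep -c . || true; }
count_email_lines()   { email_lines "$1" | grep -c . || true; }

# Report both classes of finding; return 0 only when the Dockerfile is clean.
lint_dockerfile() {
    unpinned_from_lines "$1" | sed 's/^/unpinned base image: /'
    email_lines "$1" | sed 's/^/e-mail address in image metadata: /'
    [ "$(count_unpinned_from "$1")" -eq 0 ] && [ "$(count_email_lines "$1")" -eq 0 ]
}

# Pull with Docker Content Trust enforced: with this variable set, the docker
# client refuses to pull an image that does not carry a valid signature.
# Needs a Docker daemon, so it is defined here but not invoked.
trusted_pull() {
    DOCKER_CONTENT_TRUST=1 docker pull "$1"
}

lint_dockerfile "$SAMPLE_DOCKERFILE" || echo "lint: findings above need attention"
```

Run against the constructed sample, the lint reports the `ubuntu:20.04` base image as unpinned and both metadata lines as carrying e-mail addresses, and exits non-zero; the digest-pinned `nginx` line passes. Pinning by digest and pulling with Content Trust enabled are complementary: the digest fixes exactly which bytes you build on, while the signature check tells you who published them.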
Companies are continually reassessing container architectures like Docker and others. Traditional security protocols may be insufficient in the new, flexible world of multiple container environments, and new ones will probably have to be created. The old network-based security model could be inadequate for a modern app-centric enterprise. Fortunately, as the use of containers has grown, so has the development of tools to secure them.
Tame the Ever-Increasing Flow of Information
InfoDesk has created the world’s smartest platform for managing and sharing information. With our comprehensive solutions, you can bring all your information together, filter and select relevant content, and deliver the right intelligence to the right people. InfoDesk has been providing actionable intelligence to multinational corporations, government agencies and other organizations since 1999. InfoDesk is based in New York with offices in London, Washington, DC and India. Learn more about InfoDesk.