Securing Kubernetes: A Study on the Measures for Enhancing Control and Data Plane Security

John Jeyasekaran Lawrence*, Edmond Prakash, Chaminda Hewage

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

The idea of containerization has gripped the entire IT industry. All kinds of enterprise, embedded, and cloud applications are methodically containerized, curated, and deposited in public and private container image repositories. Such an arrangement facilitates agile and accelerated software engineering. However, for the containerization paradigm to achieve the widely articulated success, there is a need for container orchestration platform solutions for smoothly tackling the container life-cycle management tasks. Kubernetes is the market-leading, modular, and multifaceted platform for simplifying and streamlining the aspects of automated containerized applications deployment and management. Kubernetes is made up of many moving parts and hence their local as well as remote interactions are beset with security challenges. Building and sustaining Kubernetes (K8s) clusters for running and managing containerized applications in a secure and safe manner is the need of the hour. In this paper, we illustrate the various security vulnerabilities of K8s clusters and how they can be surmounted through security enforcement processes, practices, and products.

Original languageEnglish
Title of host publicationAI Applications in Cyber Security and Communication Networks - Proceedings of 9th International Conference on Cyber Security, Privacy in Communication Networks ICCS 2023
EditorsChaminda Hewage, Liqaa Nawaf, Nishtha Kesswani
PublisherSpringer Science and Business Media Deutschland GmbH
Pages127-152
Number of pages26
ISBN (Print)9789819739721
DOIs
Publication statusPublished - 18 Sept 2024
Event9th International Conference on Cyber Security, Privacy in Communication Networks, ICCS 2023 - Cardiff, United Kingdom
Duration: 9 Dec 202310 Dec 2023

Publication series

NameLecture Notes in Networks and Systems
Volume1032 LNNS
ISSN (Print)2367-3370
ISSN (Electronic)2367-3389

Conference

Conference9th International Conference on Cyber Security, Privacy in Communication Networks, ICCS 2023
Country/TerritoryUnited Kingdom
CityCardiff
Period9/12/2310/12/23

Keywords

  • Cloud security
  • Containerization
  • Kubernetes

Cite this