Paper
28 July 2022 KubeRM: a distributed rule-based security management system in cloud native environment
Heng Wang, Ge Zhang, Di Wang, Jin Deng
Proceedings Volume 12303, International Conference on Cloud Computing, Internet of Things, and Computer Applications (CICA 2022); 123030J (2022) https://doi.org/10.1117/12.2642849
Event: International Conference on Cloud Computing, Internet of Things, and Computer Applications, 2022, Luoyang, China
Abstract

Recently, microservice orchestration has attracted a great deal of attention in the IT community. Development teams have rapidly embraced microservice orchestration services such as Kubernetes [1], a groundbreaking technique that is redefining the cloud, and securing the orchestration service has therefore become a focal point. Hence, security practitioners face great challenges from the new ecosystem.

In this paper, we propose KubeRM, a distributed security management system for cloud native environments. One of the greatest challenges we face is how to synchronize security detection capabilities effectively and efficiently across all machines in our large Kubernetes cluster. Hence, instead of implementing a centralized management system, our proposal focuses on designing a distributed security management system that achieves seconds-level security enforcement across all machines.

Furthermore, we demonstrate our prototype system, KubeRM, which not only effectively enforces exploit detection on vulnerable K8s servers but also detects abnormal network traffic against the orchestrator. It leverages rule-based detection strategies to profile all orchestrator behaviors.
© (2022) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Heng Wang, Ge Zhang, Di Wang, and Jin Deng "KubeRM: a distributed rule-based security management system in cloud native environment", Proc. SPIE 12303, International Conference on Cloud Computing, Internet of Things, and Computer Applications (CICA 2022), 123030J (28 July 2022); https://doi.org/10.1117/12.2642849
KEYWORDS
Clouds

Information security

Network security

Computer intrusion detection

Computer security

Rule based systems

Distributed computing
