引用本文: |
-
孔同,王利明,徐震,马多贺.轻量级虚拟化技术安全研究综述[J].信息安全学报,已采用 [点击复制]
- KONG Tong,WANG Liming,XU Zhen,MA Duohe.Survey on Lightweight Virtualization Technology Security[J].Journal of Cyber Security,Accept [点击复制]
|
|
摘要: |
随着以容器技术为代表的轻量级虚拟化技术的飞速发展,其在云计算领域中的地位也越来越重要。轻量级虚拟化技术高效、灵活的特点为云计算带来了新的技术架构和运维模式,同时也引入了新的安全挑战,引起学术界和工业界的广泛关注,但其安全性缺少系统性的研究。本文对轻量级虚拟化技术的架构特点和应用场景进行了概述,按照分层模型对其技术面临的攻击威胁进行了分类综述。然后,根据安全解决方案所属的系统层次对已有的安全防御方法和机制进行了介绍和优缺点分析。最后,展望了轻量级虚拟化技术安全未来的发展趋势和后续的研究方向。 |
关键词: 云计算 轻量级虚拟化 容器技术 网络安全 |
DOI:10.19363/J.cnki.cn10-1380/tn.2023.08.04 |
投稿时间:2020-12-24修订日期:2021-03-08 |
基金项目:国家重点研发计划项目(2019YFB1005200) |
|
Survey on Lightweight Virtualization Technology Security |
KONG Tong1,2,3, WANG Liming1, XU Zhen1, MA Duohe1
|
(1.Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China;2.School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China;3.China Industrial Control System Cyber Emergency Response Team, Beijing, 100040, China) |
Abstract: |
With the rapid development of lightweight virtualization technology represented by container technology, its position in the cloud computing is becoming more and more important. The high efficient and flexible features of lightweight virtualization technology have brought new technical architectures and operation and maintenance models to the cloud computing industry. Meanwhile, they also introduced new security challenges, which have received widespread attention in both academia and industry. But its security problems lack systematic research. First, this paper introduces the architecture and application scenarios of lightweight virtualization technology. And we classify the attack methods it faces with by the layered model. Then, according to the system level of security solutions, the existing security defense methods and mechanisms are introduced and analyzed. Finally, this survey paper discusses the future work and suggested security research directions of lightweight virtualization technology. |
Key words: cloud computing lightweight virtualization container technology network security |