  • 孔同,王利明,徐震,马多贺.轻量级虚拟化技术安全研究综述[J].信息安全学报,已采用    [点击复制]
  • KONG Tong,WANG Liming,XU Zhen,MA Duohe.Survey on Lightweight Virtualization Technology Security[J].Journal of Cyber Security,Accept   [点击复制]
孔同1,2,3, 王利明1, 徐震1, 马多贺1
(1.中国科学院信息工程研究所 北京 中国 100093;2.中国科学院大学 网络空间安全学院 北京 中国 100049;3.国家工业信息安全发展研究中心 北京 中国 100040)
关键词:  云计算  轻量级虚拟化  容器技术  网络安全
Survey on Lightweight Virtualization Technology Security
KONG Tong1,2,3, WANG Liming1, XU Zhen1, MA Duohe1
(1.Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China;2.School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China;3.China Industrial Control System Cyber Emergency Response Team, Beijing, 100040, China)
With the rapid development of lightweight virtualization technology represented by container technology, its position in the cloud computing is becoming more and more important. The high efficient and flexible features of lightweight virtualization technology have brought new technical architectures and operation and maintenance models to the cloud computing industry. Meanwhile, they also introduced new security challenges, which have received widespread attention in both academia and industry. But its security problems lack systematic research. First, this paper introduces the architecture and application scenarios of lightweight virtualization technology. And we classify the attack methods it faces with by the layered model. Then, according to the system level of security solutions, the existing security defense methods and mechanisms are introduced and analyzed. Finally, this survey paper discusses the future work and suggested security research directions of lightweight virtualization technology.
Key words:  cloud computing  lightweight virtualization  container technology  network security