Fixed a little bug...
This commit is contained in:
@@ -45,24 +45,24 @@
|
||||
\textbf{CERT} & \textbf{C}omputer \textbf{E}mergency \textbf{R}esponse \textbf{T}eam \\
|
||||
\textbf{CAPEC} & \textbf{C}ommon \textbf{A}ttack \textbf{P}attern \textbf{E}numeration and \textbf{C}lassification \\
|
||||
\textbf{CCE} & \textbf{C}ommon \textbf{C}onfiguration \textbf{E}numeration \\
|
||||
\textbf{ATT\&CK} & \textbf{A}dversarial \textbf{T}actics, \textbf{T}echniques, and \textbf{C}ommon \textbf{K}nowledge \\
|
||||
\textbf{ATT\&CK} & \textbf{A}dversarial \textbf{T}actics, \textbf{T}echniques \textbf{\&} \textbf{C}ommon \textbf{K}nowledge \\
|
||||
\textbf{PoC} & \textbf{P}roof \textbf{o}f \textbf{C}oncept \\
|
||||
\textbf{SSH} & \textbf{S}ecure \textbf{SH}ell \\
|
||||
\textbf{AMI} & \textbf{A}mazon \textbf{M}achine \textbf{I}mage \\
|
||||
\textbf{GiB} & \textbf{G}ibi\textbf{B}yte \\
|
||||
\textbf{GiB} & \textbf{Gi}bi\textbf{B}yte \\
|
||||
\textbf{EBS} & \textbf{E}lastic \textbf{B}lock \textbf{S}tore \\
|
||||
\textbf{GHz} & \textbf{G}iga\textbf{H}ertz \\
|
||||
\textbf{GHz} & \textbf{G}iga\textbf{H}ert\textbf{z} \\
|
||||
\textbf{Gbps} & \textbf{G}iga\textbf{b}its \textbf{p}er \textbf{s}econd \\
|
||||
\textbf{CIS} & \textbf{C}enter for \textbf{I}nternet \textbf{S}ecurity \\
|
||||
\textbf{ARP} & \textbf{A}ddress \textbf{R}esolution \textbf{P}rotocol \\
|
||||
\textbf{DNS} & \textbf{D}omain \textbf{N}ame \textbf{S}ystem \\
|
||||
\textbf{MitM} & \textbf{M}an-\textbf{i}n-\textbf{t}he-\textbf{M}iddle \\
|
||||
\textbf{CPU} & \textbf{C}entral \textbf{P}rocessing \textbf{U}nit \\
|
||||
\textbf{SELinux} & \textbf{S}ecurity-\textbf{E}nhanced \textbf{L}inux \\
|
||||
\textbf{SELinux} & \textbf{S}ecurity-\textbf{E}nhanced \textbf{Linux} \\
|
||||
\textbf{SecComp} & \textbf{Sec}ure \textbf{Comp}uting \\
|
||||
\textbf{AppArmor} & \textbf{App}lication Armor \\
|
||||
\textbf{AppArmor} & \textbf{App}lication \textbf{Armor} \\
|
||||
\textbf{IP} & \textbf{I}nternet \textbf{P}rotocol \\
|
||||
\textbf{IPv4} & \textbf{I}nternet \textbf{P}rotocol \textbf{v}ersion 4 \\
|
||||
\textbf{IPv4} & \textbf{I}nternet \textbf{P}rotocol \textbf{v}ersion \textbf{4} \\
|
||||
\textbf{LAN} & \textbf{L}ocal \textbf{A}rea \textbf{N}etwork \\
|
||||
\textbf{RAM} & \textbf{R}andom \textbf{A}ccess \textbf{M}emory \\
|
||||
\textbf{ΛΣ} & \textbf{Λ}ειτουργικό \textbf{Σ}ύστημα \\
|
||||
|
||||
@@ -20,12 +20,13 @@
|
||||
στον χρήστη/οργανισμό και τον πάροχο νέφους. Η αύξηση ενδιαφέροντος από τις
|
||||
επιχειρήσεις προς τις τεχνολογίες εικονικοποίησης οι οποίες αποτελούν τα
|
||||
θεμέλια των υπηρεσιών IaaS, αλλά και η ραγδαία άνοδος της δημοτικότητας
|
||||
τεχνολογιών δοχείων όπως είναι το Docker άρχισε με την σειρά της να ενισχύει
|
||||
την υιοθέτηση της αρχιτεκτονικής μικρο-υπηρεσιών για την ανάπτυξη εφαρμογών.
|
||||
Μιας αρχιτεκτονικής που βασίζεται τόσο στις τεχνολογίες εικονικοποίησης για την
|
||||
στέγαση των εφαρμογών σε υποδομές νέφους όσο και στις τεχνολογίες δοχείων για
|
||||
την διαμέριση των λειτουργιών τους, προσφέροντας ένα κατάλληλο επίπεδο απόδοσης
|
||||
και κλιμακωσιμότητας \footfullcite{awsMicroservices}. Ωστόσο, παραμένουν άμεσα
|
||||
τεχνολογιών δοχείων όπως είναι το Docker, άρχισαν με την σειρά τους να
|
||||
ενισχύουν την υιοθέτηση της αρχιτεκτονικής μικρο-υπηρεσιών για την ανάπτυξη
|
||||
εφαρμογών. Μιας αρχιτεκτονικής που βασίζεται τόσο στις τεχνολογίες
|
||||
εικονικοποίησης για την στέγαση των εφαρμογών σε υποδομές νέφους όσο και στις
|
||||
τεχνολογίες δοχείων για την διαμέριση των λειτουργιών τους, προσφέροντας ένα
|
||||
κατάλληλο επίπεδο απόδοσης και κλιμακωσιμότητας
|
||||
\footfullcite{awsMicroservices}. Ωστόσο, οι εφαρμογές αυτές παραμένουν άμεσα
|
||||
ευεπηρέαστες σε ζητήματα ασφάλειας που μπορεί να αφορούν το ίδιο το νέφος ή/και
|
||||
τις τεχνολογίες στις οποίες στηρίζεται.
|
||||
|
||||
|
||||
@@ -12,8 +12,8 @@ the offered infrastructure resources). In addition, it is possible to scale the
|
||||
offered remote infrastructure, depending on the needs of the organization and
|
||||
the current workload of the services and applications to be supported. In this
|
||||
way, the responsibility for the equipment and its maintenance is transferred to
|
||||
third parties, while at the same a new model of trust is introduced between the
|
||||
user/organization and the cloud provider. The increased interest shown by
|
||||
third parties, while at the same time a new trust model is introduced between
|
||||
the user/organization and the cloud provider. The increased interest shown by
|
||||
enterprises when in comes to virtualization technologies (which are a key
|
||||
foundation of IaaS services) in conjunction with the rapid rise in popularity
|
||||
of container technologies such as Docker, has in turn begun to drive the
|
||||
@@ -21,8 +21,8 @@ adoption of the microservices architecture for application development. An
|
||||
architecture based on virtualization technologies for hosting applications in
|
||||
cloud infrastructures and container technologies for partitioning their
|
||||
functions and thus, providing an appropriate level of performance and
|
||||
scalability \footfullcite{awsMicroservices}. However, the technologies in
|
||||
question remain vulnerable to security issues that may affect the cloud itself
|
||||
scalability \footfullcite{awsMicroservices}. However, the applications in
|
||||
question remain vulnerable to security issues that may be tied to the cloud
|
||||
and/or the technologies on which it is based on.
|
||||
|
||||
}
|
||||
@@ -34,8 +34,8 @@ and/or the technologies on which it is based on.
|
||||
In this paper we will first analyze the security issues related to the cloud
|
||||
and in particular, those related to virtualization and container technologies.
|
||||
Then, we will analyze how these 2 technologies can be used in a more secure
|
||||
manner. However, the purpose of this paper goes beyond that and moves to a
|
||||
practical level, proposing the solution of a tool that can implement the
|
||||
manner. However, the purpose of this paper goes beyond that and moves to a more
|
||||
practical level by proposing the solution of a tool that can implement the
|
||||
proposed safe use of these technologies. In particular, this tool can not only
|
||||
create virtual machines across multiple cloud providers but also harden them in
|
||||
an automated manner. In addition, it is capable of installing the Docker
|
||||
@@ -44,7 +44,7 @@ goal of this work is to make it easier for an organization to install and
|
||||
configure in an automated manner a secure, distributed environment for the
|
||||
deployment and operation of a microservices application. This automation lies
|
||||
in the correct configuration of the tool, which does not require any special
|
||||
knowledge of technical or security issues in regard to infrastructure and
|
||||
knowledge on technical or security issues in regard to infrastructure and
|
||||
operating systems.
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user