fixed conflicts (LOL merge -s ours; push -f)

2023-10-18 22:44:27 +03:00
commit 3b4c1171ef
18 changed files with 1164 additions and 0 deletions
--- a/Bibliography.bib
+++ b/Bibliography.bib
@@ -0,0 +1,162 @@
+@inproceedings{balduzzi2012security,
+	author = {Balduzzi, Marco and Zaddach, Jonas and Balzarotti, Davide and Kirda, Engin and Loureiro, Sergio},
+	title = {A Security Analysis of Amazon's Elastic Compute Cloud Service},
+	year = {2012},
+	isbn = {9781450308571},
+	publisher = {Association for Computing Machinery},
+	address = {New York, NY, USA},
+	url = {https://doi.org/10.1145/2245276.2232005},
+	doi = {10.1145/2245276.2232005},
+	booktitle = {Proceedings of the 27th Annual ACM Symposium on Applied Computing},
+	pages = {1427–1434},
+	numpages = {8},
+	keywords = {security, elastic compute cloud service, cloud computing},
+	location = {Trento, Italy},
+	series = {SAC '12}
+}
+
+@inproceedings{manu2016study,
+      	author={Manu, A.R. and Patel, Jitendra Kumar and Akhtar, Shakil and Agrawal, V.K. and Subramanya Murthy, K.N. Bala},
+      	booktitle={2016 International Conference on Circuit, Power and Computing Technologies (ICCPCT)},
+     	title={A study, analysis and deep dive on cloud PAAS security in terms of Docker container security},
+     	year={2016},
+      	volume={},
+      	number={},
+      	pages={1-13},
+      	doi={10.1109/ICCPCT.2016.7530284}
+}
+
+@misc{bui2015analysis,
+	doi = {10.48550/ARXIV.1501.02967},
+	url = {https://arxiv.org/abs/1501.02967},
+	author = {Bui, Thanh},
+	keywords = {Cryptography and Security (cs.CR), FOS: Computer and information sciences, FOS: Computer and information sciences},
+	title = {Analysis of Docker Security},
+	publisher = {arXiv},
+	year = {2015},
+	copyright = {arXiv.org perpetual, non-exclusive license}
+}
+
+@inproceedings{wenhao2020vulnerability,
+	author={Wenhao, Jiang and Zheng, Li},
+	booktitle={2020 IEEE 3rd International Conference on Information Systems and Computer Aided Education (ICISCAE)}, 
+	title={Vulnerability Analysis and Security Research of Docker Container}, 
+	year={2020},
+	volume={},
+	number={},
+	pages={354-357},
+	doi={10.1109/ICISCAE51034.2020.9236837}
+}
+
+@article{combe2016docker,
+      	author={Combe, Theo and Martin, Antony and Di Pietro, Roberto},
+      	journal={IEEE Cloud Computing},
+     	title={To Docker or Not to Docker: A Security Perspective},
+     	year={2016},
+      	volume={3},
+      	number={5},
+      	pages={54-62},
+      	keywords={},
+      	doi={10.1109/MCC.2016.100},
+      	ISSN={2325-6095},
+      	month={Sep.}
+}
+
+@inproceedings{loukidis2018docker,
+      	author={Loukidis-Andreou, Fotis and Giannakopoulos, Ioannis and Doka, Katerina and Koziris, Nectarios},
+      	booktitle={2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS)},
+     	title={Docker-Sec: A Fully Automated Container Security Enhancement Mechanism},
+     	year={2018},
+      	volume={},
+      	number={},
+      	pages={1561-1564},
+      	doi={10.1109/ICDCS.2018.00169}
+}
+
+@inproceedings{mp2016enhancing,
+      	author={Amith Raj MP and Kumar, Ashok and Pai, Sahithya J and Gopal, Ashika},
+      	booktitle={2016 2nd International Conference on Applied and Theoretical Computing and Communication Technology (iCATccT)},
+     	title={Enhancing security of Docker using Linux hardening techniques},
+     	year={2016},
+      	volume={},
+      	number={},
+      	pages={94-99},
+      	doi={10.1109/ICATCCT.2016.7911971}
+}
+
+@article{jogi2017establishing,
+  title={Establishing, Implementing and Auditing Linux Operating System Hardening Standard for Security Compliance},
+  author={Jogi, Martin},
+  journal={University of Tartu, Tartu},
+  year={2017}
+}
+
+@article{kaur2014hardening,
+  title={Hardening OS Identity by Customised Masking Techniques},
+  author={Kaur, Ratinder and Singh, Maninder},
+  journal={Thapar University, Punjab, India},
+  year={2014}
+}
+
+@article{zhu2021lic,
+	title = {Lic-Sec: An enhanced AppArmor Docker security profile generator},
+	journal = {Journal of Information Security and Applications},
+	volume = {61},
+	pages = {102924},
+	year = {2021},
+	issn = {2214-2126},
+	doi = {https://doi.org/10.1016/j.jisa.2021.102924},
+	url = {https://www.sciencedirect.com/science/article/pii/S2214212621001435},
+	author = {Hui Zhu and Christian Gehrmann},
+	keywords = {Docker-sec, LiCShield, Lic-Sec, Container, Security evaluation, Docker}
+}
+
+@misc{John2020OS,
+  title={OS Hardening - Making systems more secure},
+  author={John Ostrowski},
+  year={2020}
+}
+
+@misc{SIDDARTH201910simple,
+  title={10 Simple Steps to Harden Your Docker Containers},
+  author={SIDDARTH SENTHILKUMAR},
+  howpublished="\url{https://sidsbits.com/10-Simple-Steps-to-Harden-Docker-Containers/}",
+  year={2019}
+}
+
+@misc{Yathi2017Hardening,
+  title={Hardening Docker containers, images, and host - security toolkit},
+  author={Yathi Naik},
+  howpublished="\url{https://cloud.redhat.com/blog/hardening-docker-containers-images-and-host-security-toolkit}",
+  year={2017}
+}
+
+@misc{StackRox2019Docker,
+  title={Docker Container Security 101: Risks and 33 Best Practices},
+  author={StackRox},
+  howpublished="\url{https://www.stackrox.io/blog/docker-security-101/}",
+  year={2019}
+}
+
+@misc{Marcin2019Hardening,
+  title={Hardening Docker Quick Tips},
+  author={Marcin Teodorczyk},
+  howpublished="\url{https://medium.com/intive-developers/hardening-docker-quick-tips-54ca9c283964}",
+  year={2019}
+}
+
+@misc{deviceWhitelistController,
+  title={Device Whitelist Controller},
+  author={The Linux kernel user’s and administrator’s guide},
+  howpublished="\url{https://www.kernel.org/doc/html/latest/admin-guide/cgroup-v1/devices.html}"
+}
+
+@inproceedings{reshetova2014security,
+  title={Security of OS-level virtualization technologies},
+  author={Reshetova, Elena and Karhunen, Janne and Nyman, Thomas and Asokan, N},
+  booktitle={Nordic Conference on Secure IT Systems},
+  pages={77--93},
+  year={2014},
+  organization={Springer}
+}
+