@inproceedings{balduzzi2012security, author = {Balduzzi, Marco and Zaddach, Jonas and Balzarotti, Davide and Kirda, Engin and Loureiro, Sergio}, title = {A Security Analysis of Amazon's Elastic Compute Cloud Service}, year = {2012}, isbn = {9781450308571}, publisher = {Association for Computing Machinery}, address = {New York, NY, USA}, url = {https://doi.org/10.1145/2245276.2232005}, doi = {10.1145/2245276.2232005}, booktitle = {Proceedings of the 27th Annual ACM Symposium on Applied Computing}, pages = {1427–1434}, numpages = {8}, keywords = {security, elastic compute cloud service, cloud computing}, location = {Trento, Italy}, series = {SAC '12} } @inproceedings{manu2016study, author = {Manu, A.R. and Patel, Jitendra Kumar and Akhtar, Shakil and Agrawal, V.K. and Subramanya Murthy, K.N. Bala}, booktitle = {2016 International Conference on Circuit, Power and Computing Technologies (ICCPCT)}, title = {A study, analysis and deep dive on cloud PAAS security in terms of Docker container security}, year = {2016}, volume = {}, number = {}, pages = {1-13}, doi = {10.1109/ICCPCT.2016.7530284} } @online{bui2015analysis, doi = {10.48550/ARXIV.1501.02967}, url = {https://arxiv.org/abs/1501.02967}, author = {Bui, Thanh}, keywords = {Cryptography and Security (cs.CR), FOS: Computer and information sciences, FOS: Computer and information sciences}, title = {Analysis of Docker Security}, publisher = {arXiv}, year = {2015}, copyright = {arXiv.org perpetual, non-exclusive license} } @inproceedings{wenhao2020vulnerability, author = {Wenhao, Jiang and Zheng, Li}, booktitle = {2020 IEEE 3rd International Conference on Information Systems and Computer Aided Education (ICISCAE)}, title = {Vulnerability Analysis and Security Research of Docker Container}, year = {2020}, volume = {}, number = {}, pages = {354-357}, doi = {10.1109/ICISCAE51034.2020.9236837} } @article{combe2016docker, author = {Combe, Theo and Martin, Antony and Di Pietro, Roberto}, journal = {IEEE Cloud Computing}, title = {To Docker or Not to Docker: A Security Perspective}, year = {2016}, volume = {3}, number = {5}, pages = {54-62}, keywords = {}, doi = {10.1109/MCC.2016.100}, ISSN = {2325-6095}, month = {Sep.} } @inproceedings{loukidis2018docker, author = {Loukidis-Andreou, Fotis and Giannakopoulos, Ioannis and Doka, Katerina and Koziris, Nectarios}, booktitle = {2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS)}, title = {Docker-Sec: A Fully Automated Container Security Enhancement Mechanism}, year = {2018}, volume = {}, number = {}, pages = {1561-1564}, doi = {10.1109/ICDCS.2018.00169} } @inproceedings{mp2016enhancing, author = {Amith Raj MP and Kumar, Ashok and Pai, Sahithya J and Gopal, Ashika}, booktitle = {2016 2nd International Conference on Applied and Theoretical Computing and Communication Technology (iCATccT)}, title = {Enhancing security of Docker using Linux hardening techniques}, year = {2016}, volume = {}, number = {}, pages = {94-99}, doi = {10.1109/ICATCCT.2016.7911971} } @article{jogi2017establishing, title = {Establishing, Implementing and Auditing Linux Operating System Hardening Standard for Security Compliance}, author = {Jogi, Martin}, journal = {University of Tartu, Tartu}, year = {2017} } @article{kaur2014hardening, title = {Hardening OS Identity by Customised Masking Techniques}, author = {Kaur, Ratinder and Singh, Maninder}, journal = {Thapar University, Punjab, India}, year = {2014} } @article{zhu2021lic, title = {Lic-Sec: An enhanced AppArmor Docker security profile generator}, journal = {Journal of Information Security and Applications}, volume = {61}, pages = {102924}, year = {2021}, issn = {2214-2126}, doi = {https://doi.org/10.1016/j.jisa.2021.102924}, url = {https://www.sciencedirect.com/science/article/pii/S2214212621001435}, author = {Hui Zhu and Christian Gehrmann}, keywords = {Docker-sec, LiCShield, Lic-Sec, Container, Security evaluation, Docker} } @misc{John2020OS, title = {OS Hardening - Making systems more secure}, author = {John Ostrowski}, year = {2020} } @online{containerHistory, title = {The evolution of containers: Docker, Kubernetes and the future}, author = {Emily Mell}, year = {2023}, url = {https://www.techtarget.com/searchitoperations/feature/Dive-into-the-decades-long-history-of-container-technology} } @online{chrootCommand, title = {The chroot command in Linux – Beginners Introduction}, author = {Deeptendu Santra}, year = {2021}, url = {https://www.linuxfordevices.com/tutorials/linux/chroot-command-in-linux} } @online{SIDDARTH201910simple, title = {10 Simple Steps to Harden Your Docker Containers}, author = {SIDDARTH SENTHILKUMAR}, url = {https://sidsbits.com/10-Simple-Steps-to-Harden-Docker-Containers/}, year = {2019} } @online{LXC, title = {What's LXC?}, author = {Linux Containers}, url = {https://linuxcontainers.org/lxc/introduction/}, } @online{LXCvsDocker, title = {LXC vs Docker: Which Container Platform Is Right for You?}, author = {Eric Kahuha}, year = {2023}, url = {https://earthly.dev/blog/lxc-vs-docker/} } @online{chrootRestrictions, title = {Is chroot a security feature?}, author = {March 27, 2013Josh Bressers}, year = {2023}, url = {https://www.redhat.com/en/blog/chroot-security-feature} } @online{dockerhub, title = {Build and Ship any Application Anywhere}, author = {Docker}, url = {https://hub.docker.com/}, } @online{quay, title = {Quay builds, analyzes, distributes your container images}, author = {Red Hat}, url = {https://quay.io/}, } @online{oci, title = {Open Container Initiative}, author = {The Linux Foundation}, url = {https://opencontainers.org/}, } @online{LXCvsDocker2, title = {The Untold Story: Containers Before Docker's Rise - The LXC Revolution}, author = {Dinesh Patil}, year = {2023}, url = {https://www.linkedin.com/pulse/untold-story-containers-before-dockers-rise-lxc-revolution-patil} } @online{Hyperjacking, title = {What Is Hyperjacking? How to Prevent Hyperjacking on a VM}, author = {Allan Jay Monteclaro}, year = {2023}, url = {https://www.serverwatch.com/virtualization/hyperjacking/} } @online{waterfall, title = {Waterfall Methodology: A Comprehensive Guide}, author = {ATLASSIAN}, url = {https://www.atlassian.com/agile/project-management/waterfall-methodology} } @online{agile, title = {What Is Agile Project Management? The Ultimate Guide}, author = {Lee Davis}, year = {2022}, url = {https://www.forbes.com/advisor/business/what-is-agile-project-management/} } @online{devops, title = {DevOps}, author = {Synopsys}, url = {https://www.synopsys.com/glossary/what-is-devops.html} } @online{cicd, title = {What is CI/CD?}, author = {GitLab}, url = {https://about.gitlab.com/topics/ci-cd/} } @online{caas, title = {What is CaaS?}, author = {Sumo Logic}, url = {https://www.sumologic.com/glossary/caas/} } @online{caasVsIaas, title = {Container as a Service: The Basics and Top 4 Providers}, author = {aquasec}, year = {2023}, url = {https://www.aquasec.com/cloud-native-academy/container-platforms/container-as-a-service/} } @online{howCaasWorks, title = {The Guide to Containers-as-a-Service (CaaS)}, author = {Karim Traiaia}, year = {2023}, url = {https://www.kerno.io/blog/containers-as-a-service-caas} } @online{multiCloud, title = {What Is Multi-Cloud? Features, Architecture, Pros \& Cons}, author = {Sarim Javaid}, year = {2023}, url = {https://www.cloudways.com/blog/what-is-multi-cloud/} } @online{containerSecurity, title = {Containers or virtual machines: Which is more secure? The answer will surprise you}, author = {Steven Vaughan-Nichols}, year = {2018}, url = {https://www.zdnet.com/article/which-is-more-secure-containers-or-virtual-machines-the-answer-will-surprise-you/} } @online{containerSecurityExplained, title = {Containers and Cloud Security}, author = {James Bottomley}, year = {2018}, url = {https://blog.hansenpartnership.com/containers-and-cloud-security/} } @online{containerEscapeTechniques, title = {7 Ways to Escape a Container}, author = {Ori Abargil}, year = {2023}, url = {https://www.panoptica.app/research/7-ways-to-escape-a-container} } @online{saasPricingModel, title = {Our guide to every SaaS pricing model}, author = {vendr}, year = {2022}, url = {https://www.vendr.com/blog/saas-pricing-model#value-based-saas-pricing-models} } @online{paasPricingModel, title = {PaaS (Platform-as-a-Service) - definition \& overview}, author = {Sumo Logic}, url = {https://www.sumologic.com/glossary/paas/} } @online{cloudDeploymentModels, title = {An Overview of Cloud Deployment Models}, author = {Intel}, url = {https://www.intel.com/content/www/us/en/cloud-computing/deployment-models.html} } @online{redhatVirtualizationManagement, title = {What is virtualization management?}, author = {Red Hat}, year = {2018}, url = {https://www.redhat.com/en/topics/virtualization/what-is-virtualization-management} } @online{phoenixnapHypervisors, title = {What is a Hypervisor? Types of Hypervisors 1 \& 2}, author = {Sofija Simic}, year = {2022}, url = {https://phoenixnap.com/kb/what-is-hypervisor-type-1-2} } @online{amazonHypervisors, title = {What’s the Difference Between Type 1 and Type 2 Hypervisors?}, author = {Amazon Web Services}, url = {https://aws.amazon.com/compare/the-difference-between-type-1-and-type-2-hypervisors/} } @online{vmfailover, title = {What Is a Failover? Clustering and Replication Use Cases}, author = {NAKIVO Team}, year = {2023}, url = {https://www.nakivo.com/blog/vm-failover-guide/} } @online{kvm, title = {What is KVM?}, author = {Red Hat}, year = {2022}, url = {https://www.redhat.com/en/topics/virtualization/what-is-KVM} } @online{dataVirtualization, title = {Data Virtualization: Process, Components, Benefits, and Available Tools}, author = {altexsoft}, year = {2021}, url = {https://www.altexsoft.com/blog/data-virtualization/} } @online{desktopVirtualization, title = {What is Desktop Virtualization?}, author = {VMware}, url = {https://www.vmware.com/topics/glossary/content/desktop-virtualization.html} } @online{redhatNFV, title = {What is NFV?}, author = {Red Hat}, year = {2019}, url = {https://www.redhat.com/en/topics/virtualization/what-is-nfv} } @online{vmwareMemoryVirtualization, title = {Memory Virtualization}, author = {VMware}, year = {2019}, url = {https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.resmgmt.doc/GUID-6E85F6DE-7365-4C28-B902-725D3C76C2E6.html} } @online{codingninjasMemoryVirtualization, title = {Processor and Memory Virtualization}, author = {Rajat Agrawal}, year = {2023}, url = {https://www.codingninjas.com/studio/library/processor-and-memory-virtualization} } @online{ubackupStorageVirtualization, title = {What Is Storage Virtualization | Introduction and Implementation}, author = {Crystal}, year = {2022}, url = {https://www.ubackup.com/enterprise-backup/storage-virtualization-jkzbj.html} } @online{unixarenaVirtualization, title = {Virtualization & Hypervisor – Basic Interview Questions}, author = {LINGESH}, year = {2019}, url = {https://www.unixarena.com/2019/08/virtualization-hypervisor-basic-interview-questions.html/} } @online{cloudinfraStorageVirtualization, title = {Storage Virtualization in Cloud Computing – How it Works (Use Cases)}, author = {Dennis Muvaa}, url = {https://cloudinfrastructureservices.co.uk/storage-virtualization-in-cloud-computing-how-it-works-use-cases/} } @online{tutorialsPointVirtualization, title = {Virtualization 2.0 - Overview}, author = {Tutorials Point}, url = {https://www.tutorialspoint.com/virtualization2.0/virtualization2.0_overview.htm} } @online{geeksforgeeksApplicationVirtualization, title = {Virtualisation with Docker Containers}, author = {GeeksforGeeks}, year = {2023}, url = {https://www.geeksforgeeks.org/virtualisation-with-docker-containers/} } @online{mediumVirtualization, title = {Virtualization in Cloud Computing: Bridging the Gap Between Resources and Efficiency}, author = {TechClaw}, url = {https://medium.com/@techclaw/virtualization-in-cloud-computing-bridging-the-gap-between-resources-and-efficiency-3c5a9c65981e} } @online{insightsForProfessionalsParavirtualization, title = {Paravirtualization vs. Full Virtualization: Pros and Cons}, author = {Insights for Professionals}, year = {2022}, url = {https://www.insightsforprofessionals.com/it/data-center/paravirtualization-alternative-full-virtualization} } @online{blackberryParavirtualization, title = {Paravirtualization}, author = {BlackBerry}, url = {https://blackberry.qnx.com/en/ultimate-guides/automotive-hypervisor/paravirtualization} } @online{serverWatchParavirtualization, title = {What Is Paravirtualization? Definition and Uses}, author = {Ray Fernandez}, year = {2023}, url = {https://www.serverwatch.com/virtualization/what-is-paravirtualization/} } @online{vmblogParavirtualization, title = {What Are the Benefits of Paravirtualization?}, author = {David Marshall}, year = {2019}, url = {https://vmblog.com/archive/2019/07/23/what-are-the-benefits-of-paravirtualization.aspx} } @online{servermaniaParavirtualization, title = {What is Paravirtualization in Cloud Computing?}, author = {Milad Karimyar}, year = {2023}, url = {https://blog.servermania.com/what-is-paravirtualization} } @online{vmSnapshots, title = {Understanding the Correct Use of VM Snapshots}, author = {Nicolette Carklin}, year = {2021}, url = {https://www.parallels.com/blogs/ras/vm-snapshot/} } @online{techtargetHypervisorSecurity, title = {Virtual security tactics for Type 1 and Type 2 hypervisors}, author = {Stephen J. Bigelow}, year = {2013}, url = {https://www.techtarget.com/searchitoperations/answer/Virtual-security-tactics-for-Type-1-and-Type-2-hypervisors} } @online{hostitsmartMemoryVirtualization, title = {Memory Virtualization in Cloud Computing}, author = {Host IT Smart}, url = {https://www.hostitsmart.com/blog/memory-virtualization-in-cloud-computing/} } @online{petriMemoryVirtualization, title = {Intro to Virtualization: Hardware, Software, Memory, Storage, Data and Network Virtualization Defined}, author = {Bill Hill}, year = {2012}, url = {https://petri.com/intro-to-virtualization/} } @online{containerEscapeRepercussions, title = {5 security concerns when using Docker}, author = {Adrian Mouat}, year = {2016}, url = {https://www.oreilly.com/content/five-security-concerns-when-using-docker/} } @online{kubernetes, title = {What is Kubernetes?}, author = {Justin Ellingwood}, year = {2018}, url = {https://www.digitalocean.com/community/tutorials/an-introduction-to-kubernetes} } @online{dockerSwarm, title = {What is Docker Swarm: Modes, Example and Working}, author = {Simplilearn}, year = {2023}, url = {https://www.simplilearn.com/tutorials/docker-tutorial/docker-swarm} } @online{Yathi2017Hardening, title = {Hardening Docker containers, images, and host - security toolkit}, author = {Yathi Naik}, year = {2017}, url = {https://cloud.redhat.com/blog/hardening-docker-containers-images-and-host-security-toolkit} } @online{StackRox2019Docker, title = {Docker Container Security 101: Risks and 33 Best Practices}, author = {StackRox}, year = {2019}, url = {https://www.stackrox.io/blog/docker-security-101/} } @online{Marcin2019Hardening, title = {Hardening Docker Quick Tips}, author = {Marcin Teodorczyk}, year = {2019}, url = {https://medium.com/intive-developers/hardening-docker-quick-tips-54ca9c283964} } @online{deviceWhitelistController, title = {Device Whitelist Controller}, author = {The Linux kernel user’s and administrator’s guide}, url = {https://www.kernel.org/doc/html/latest/admin-guide/cgroup-v1/devices.html} } @online{dockerInherentSecurity, title = {The Inherent Security Benefits of Docker Containers}, author = {Christopher Tozzi}, url = {https://cloudnativenow.com/features/security-benefits-docker-containers/} } @online{gVisor, title = {The Container Security Platform}, author = {Google}, url = {https://gvisor.dev/} } @online{ibmVirtualizationDefinition, title = {What is virtualization?}, author = {IBM}, url = {https://www.ibm.com/topics/virtualization} } @online{redhatVirtualization, title = {What is virtualization?}, author = {Red Hat}, year = {2018}, url = {https://www.redhat.com/en/topics/virtualization/what-is-virtualization} } @online{suseParavirtualizationDefinition, title = {Paravirtualization}, author = {SUSE}, url = {https://www.suse.com/suse-defines/definition/paravirtualization/} } @online{geeksforgeeksParavirtualizationDefinition, title = {Difference between Full Virtualization and Paravirtualization}, author = {GeeksforGeeks}, url = {https://www.geeksforgeeks.org/difference-between-full-virtualization-and-paravirtualization/} } @online{geeksforgeeksHardwareAssistedVirtualization, title = {Hardware Based Virtualization}, author = {GeeksforGeeks}, url = {https://www.geeksforgeeks.org/hardware-based-virtualization/} } @online{sysdigContainerRuntime, title = {What are Container Runtimes?}, author = {Sysdig}, url = {https://sysdig.com/learn-cloud-native/container-security/what-are-container-runtimes/} } @online{redhatContainerRuntime, title = {How Kubernetes creates and runs containers: An illustrated guide}, author = {Bob Reselman}, year = {2022}, url = {https://www.redhat.com/architect/how-kubernetes-creates-runs-containers} } @online{codemotionContainerImages, title = {Container Images: Technical Refresher and Security Best Practices}, author = {Gilad David Maayan}, year = {2023}, url = {https://www.codemotion.com/magazine/cybersecurity/container-images-technical-refresher-and-security-best-practices/} } @online{osVirtualizationInfo, title = {OS-Level Virtualization}, author = {Vikas Jain, Vibha Goyal, Nitin Kundapur Bhat}, year = {2016}, url = {https://courses.engr.illinois.edu/cs423/sp2016/lectures/VirtOS.pdf} } @online{teimouriOsVirtualizationDefinition, title = {Operating-system-level virtualization}, author = {Davoud Teimouri}, year = {2017}, url = {https://www.teimouri.net/operating-system-level-virtualization/} } @online{webopediaOsVirtualizationDefinition, title = {Operating System-Level Virtualization}, author = {Vangie Beal}, year = {2021}, url = {https://www.webopedia.com/definitions/operating-system-level-virtualization/} } @online{ParavirtualizationSecurity, title = {Why Your Virtual Servers May be More Secure Than Their Physical Counterparts}, author = {Andrew Mallett}, year = {2019}, url = {https://ine.com/blog/why-your-virtual-servers-may-be-more-secure-than-their-physical-counterparts} } @online{ParavirtualizationVmware, title = {Understanding Full Virtualization, Paravirtualization and Hardware Assisted Virtualization}, author = {VMware}, year = {2007}, url = {https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/techpaper/VMware_paravirtualization.pdf} } @online{awsMicroservices, title = {What are Microservices?}, author = {AWS}, url = {https://aws.amazon.com/microservices/} } @online{cloudzeroScalability, title = {Horizontal Vs. Vertical Scaling: How Do They Compare?}, author = {Cody Slingerland}, year = {2023}, url = {https://www.cloudzero.com/blog/horizontal-vs-vertical-scaling/} } @online{abacusFullParaOSVirtualization, title = {Three Types of Server Virtualization Explained}, author = {Abacus}, url = {https://goabacus.com/three-types-of-server-virtualization-explained/} } @online{ibmHypervisorDefinition, title = {What are hypervisors?}, author = {IBM}, url = {https://www.ibm.com/topics/hypervisors} } @online{ibmContainerizationDefinition, title = {What is containerization?}, author = {IBM}, url = {https://www.ibm.com/topics/containerization} } @online{ibmContainerSurvey, title = {Containers in the enterprise}, author = {IBM}, url = {https://www.ibm.com/downloads/cas/VG8KRPRM} } @online{ibmContainerVsVm, title = {Containers vs. Virtual Machines (VMs): What’s the Difference?}, author = {IBM}, url = {https://www.ibm.com/blog/containers-vs-vms/} } @online{ciaTriad, title = {What is the CIA triad (confidentiality, integrity and availability)?}, author = {Wesley Chai}, url = {https://www.techtarget.com/whatis/definition/Confidentiality-integrity-and-availability-CIA} } @online{redhatVirtualizationDefinition, title = {Understanding virtualization}, author = {Red Hat}, url = {https://www.redhat.com/en/topics/virtualization} } @online{redhatContainerVsVm, title = {Containers vs VMs}, author = {Red Hat}, year = {2020}, url = {https://www.redhat.com/en/topics/containers/containers-vs-vms} } @online{dockerAlternatives, title = {What Are The Best Docker Alternatives in 2022?}, author = {Cody Slingerland}, year = {2022}, url = {https://www.cloudzero.com/blog/docker-alternatives/} } @article{yasrab2018mitigating, title = {Mitigating docker security issues}, author = {Yasrab, Robail}, year = {2018}, journal = {arXiv preprint arXiv:1804.05039} } @online{ansible, title = {Ansible}, author = {Red Hat}, url = {https://www.ansible.com/} } @online{terraform, title = {Terraform}, author = {HashiCorp}, url = {https://www.terraform.io/} } @article{mell2011nist, title = {The NIST Definition of Cloud Computing}, author = {Peter Mell and Timothy Grance}, year = {2011}, month = {2011-09-28}, publisher = {Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD}, doi = {https://doi.org/10.6028/NIST.SP.800-145}, language = {en}, } @online{AkihiroSuda, author = {Akihiro Suda}, title = {rootlesskit}, year = {2020}, publisher = {GitHub}, journal = {GitHub repository}, url = {https://github.com/rootless-containers/rootlesskit} } @inproceedings{reshetova2014security, title = {Security of OS-level virtualization technologies}, author = {Reshetova, Elena and Karhunen, Janne and Nyman, Thomas and Asokan, N}, booktitle = {Nordic Conference on Secure IT Systems}, pages = {77--93}, year = {2014}, organization = {Springer} } @online{enisaSecurityOfVirtualization, title = {Security aspects of virtualization}, author = {ENISA}, year = {2017}, url = {https://www.enisa.europa.eu/publications/security-aspects-of-virtualization} } @article{arif2015virtualization, title = {Virtualization security: analysis and open challenges}, author = {Arif, Muhammad and Shakeel, Haroon}, journal = {International Journal of Hybrid Information Technology}, volume = {8}, number = {2}, pages = {237--246}, year = {2015} } @inproceedings{wen2008sevmm, title = {Sevmm: Vmm-based security control model}, author = {Wen-Zhi, Chen and Hong-Wei, Zhu and Wei, Huang}, booktitle = {2008 International Conference on Cyberworlds}, pages = {820--823}, year = {2008}, organization = {IEEE} } @inproceedings{virtualizationSecurity, author = {Sane, Bernard and Niang, Ibrahima and Fall, Doudou}, year = {2018}, month = {12}, pages = {1317-1322}, title = {A Review of Virtualization, Hypervisor and VM Allocation Security: Threats, Vulnerabilities, and Countermeasures}, doi = {10.1109/CSCI46756.2018.00255} } @article{Aalam_2021, doi = {10.1088/1742-6596/1950/1/012027}, url = {https://dx.doi.org/10.1088/1742-6596/1950/1/012027}, year = {2021}, month = {aug}, publisher = {IOP Publishing}, volume = {1950}, number = {1}, pages = {012027}, author = {Zunaid Aalam and Vinod Kumar and Surendra Gour}, title = {A review paper on hypervisor and virtual machine security}, journal = {Journal of Physics: Conference Series}, } @online{geeksforgeeksVirtualizationSecurityGoodPractices, title = {Hypervisor Security in Cloud Computing}, author = {GeeksforGeeks}, year = {2023}, url = {https://www.geeksforgeeks.org/hypervisor-security-in-cloud-computing/} } @online{accessAuthorizationPlugin, title = {Access authorization plugin}, author = {Docker}, url = {https://docs.docker.com/engine/extend/plugins_authorization/#access-authorization-plugin} } @online{podman, title = {What is Podman?}, author = {Red Hat}, year = {2022}, url = {https://www.redhat.com/en/topics/containers/what-is-podman} } @online{containerdRunc, title = {The differences between Docker, containerd, CRI-O and runc}, author = {Tom Donohue}, year = {2023}, url = {https://www.tutorialworks.com/difference-docker-containerd-runc-crio-oci/} } @online{containerOSlimitations, title = {Virtualization vs. Containerization — Comparing Differences}, author = {Liquid Web}, year = {2023}, url = {https://www.liquidweb.com/kb/virtualization-vs-containerization/} } @online{applicationContainerization, title = {Containerized Applications Overview}, author = {Knowledge Center}, url = {https://www.datadoghq.com/knowledge-center/containerized-applications/} } @online{apparmor, title = {AppArmor}, author = {AppArmor}, url = {https://apparmor.net/} } @online{selinux, title = {What is SELinux?}, author = {Red Hat}, year = {2019}, url = {https://www.redhat.com/en/topics/linux/what-is-selinux} } @online{seccomp, title = {Improving Linux container security with seccomp}, author = {Valentin Rothberg}, year = {2020}, url = {https://www.redhat.com/sysadmin/container-security-seccomp} }