62 lines
3.1 KiB
TeX
62 lines
3.1 KiB
TeX
\abstractenglish{
|
|
% skip indentation just for this paragraph
|
|
\textenglish{
|
|
|
|
\noindent Today, more and more people rely on IaaS
|
|
(Infrastructure-as-a-Service) services over a traditional on-premise
|
|
infrastructure to provide computational support to applications, services and
|
|
business processes. This is due to the fact that the costs of an organization
|
|
or business are reduced, since there is no need for an upfront investment on
|
|
the purchase of equipment. Also, the operational cost of using IaaS services is
|
|
based on flexible billing models according to the usage (of the offered
|
|
infrastructure resources). In addition, it is possible to scale the offered
|
|
remote infrastructure, depending on the needs of the organization and the
|
|
current workload of the services and applications to be supported. In this way,
|
|
the responsibility for the equipment and its maintenance is transferred to
|
|
third parties, while at the same time a new trust model is introduced between
|
|
the user/organization and the cloud provider. The increased interest shown by
|
|
enterprises when in comes to virtualization technologies (which are a key
|
|
foundation of IaaS services) in conjunction with the rapid rise in popularity
|
|
of container technologies such as Docker, has in turn begun to drive the
|
|
adoption of the microservices architecture for application development. An
|
|
architecture based on virtualization technologies for hosting applications in
|
|
cloud infrastructures and container technologies for partitioning their
|
|
functions into a set of containers and thus, providing an appropriate level of
|
|
performance and scalability \cite{awsMicroservices}. However, such applications
|
|
remain vulnerable to security issues that may be tied to the cloud and/or the
|
|
technologies on which it is based.
|
|
|
|
}
|
|
|
|
\clearpage
|
|
|
|
\textenglish{
|
|
|
|
In this thesis we will first analyze the security issues related to the cloud
|
|
and in particular, those related to virtualization and container technologies.
|
|
Then, we will analyze how these two technologies can be used in a more secure
|
|
manner. However, the purpose of this thesis goes beyond that and moves to a
|
|
more practical level by proposing the solution of a tool that can implement the
|
|
proposed safe use of these technologies. In particular, this tool can not only
|
|
create virtual machines across multiple cloud providers but also harden them in
|
|
an automated manner. In addition, it is capable of installing the Docker
|
|
container engine on these virtual machines, which it can also harden. The main
|
|
goal of this work is to make it easier for an organization to install and
|
|
configure in an automated manner a secure, distributed environment for the
|
|
deployment and operation of a microservices application. This automation lies
|
|
in the correct configuration of our tool, which does not require any special
|
|
knowledge on technical or security issues in regard to infrastructure and
|
|
operating systems.
|
|
|
|
}
|
|
|
|
\vskip 60pt
|
|
|
|
\textenglish{
|
|
\noindent \textbf{Keywords:} Cloud, Security, Virtualization, Virtual Machines, Containers, Container \mbox{Engine}, Micro-services, Automation, Hardening
|
|
}
|
|
|
|
}
|
|
|
|
\clearpage % Abstract ended, start a new page
|