62 lines
3.1 KiB
TeX
62 lines
3.1 KiB
TeX
\abstractenglish{
|
|
% skip indentation just for this paragraph
|
|
\textenglish{
|
|
|
|
\noindent Today, more and more people rely on IaaS (Infrastructure as a
|
|
Service) services over a traditional on-premise infrastructure to provide
|
|
computational support to applications, services and business processes. This is
|
|
due to the fact that the costs of an organization or business are reduced,
|
|
since there is no need for an upfront investment on the purchase of equipment.
|
|
Also, the operational cost of using IaaS services is based on flexible billing
|
|
models according to the usage (of the offered infrastructure resources). In
|
|
addition, it is possible to scale the offered remote infrastructure, depending
|
|
on the needs of the organization and the current workload of the services and
|
|
applications to be supported. In this way, the responsibility for the equipment
|
|
and its maintenance is transferred to third parties, while at the same time a
|
|
new trust model is introduced between the user/organization and the cloud
|
|
provider. The increased interest shown by enterprises when in comes to
|
|
virtualization technologies (which are a key foundation of IaaS services) in
|
|
conjunction with the rapid rise in popularity of container technologies such as
|
|
Docker, has in turn begun to drive the adoption of the microservices
|
|
architecture for application development. An architecture based on
|
|
virtualization technologies for hosting applications in cloud infrastructures
|
|
and container technologies for partitioning their functions into a set of
|
|
containers and thus, providing an appropriate level of performance and
|
|
scalability \cite{awsMicroservices}. However, such applications remain
|
|
vulnerable to security issues that may be tied to the cloud and/or the
|
|
technologies on which it is based.
|
|
|
|
}
|
|
|
|
\clearpage
|
|
|
|
\textenglish{
|
|
|
|
In this thesis we will first analyze the security issues related to the cloud
|
|
and in particular, those related to virtualization and container technologies.
|
|
Then, we will analyze how these two technologies can be used in a more secure
|
|
manner. However, the purpose of this thesis goes beyond that and moves to a
|
|
more practical level by proposing the solution of a tool that can implement the
|
|
proposed safe use of these technologies. In particular, this tool can not only
|
|
create virtual machines across multiple cloud providers but also harden them in
|
|
an automated manner. In addition, it is capable of installing the Docker
|
|
container engine on these virtual machines, which it can also harden. The main
|
|
goal of this work is to make it easier for an organization to install and
|
|
configure in an automated manner a secure, distributed environment for the
|
|
deployment and operation of a microservices application. This automation lies
|
|
in the correct configuration of our tool, which does not require any special
|
|
knowledge on technical or security issues concerning the infrastructure and
|
|
operating systems.
|
|
|
|
}
|
|
|
|
\vskip 60pt
|
|
|
|
\textenglish{
|
|
\noindent \textbf{Keywords:} Cloud, Security, Virtualization, Virtual Machines, Containers, Container Engine, Micro-services, Automation, Hardening
|
|
}
|
|
|
|
}
|
|
|
|
\clearpage % Abstract ended, start a new page
|