Technical Report on Container Security (III)-3

Technical Report on Container Security (III)-3

December 29, 2018 | Mina Hao

Security Risks and Challenges – Container Application Security Threat

Container Application Security Threat

  • Microservice Security

From traditional monolithic applications to modern microservice applications, security has always been a hot issue. A monolithic application usually exposes fewer services and ports,narrowing the attack surface. In addition, security professionals know common points from which attacks are often launched. Therefore, security is not that big of a problem for such applications as long as they are properly protected.

By contrast, the microservice model splits traditional monolithic application modules into separate services, resulting in a greater number of exposed ports and a broader attack surface. As for the traditional monolithic architecture, it is enough to protect only one entrance for access permissions, authorization, and isolation audits.

The microservice architecture contains a number of services, access to each of which should be properly monitored, controlled, and protected. Just imagine that an authentication token is leaked or a forged access credential is accepted for a service. This will put the entire system in jeopardy. Such threats undoubtedly add to the difficulty of microservice protection.

A microservice architecture consists of a collection of small, autonomous services. Although this model lays particular emphasis on isolation, lightweight, independent development and deployment, and loose coupling of services, sometimes services need to be closely connected for a particular purpose, for example, sharing data. Connections between these services in the microservice architecture are usually point-to-point. With the increase of connections, once a service is compromised due to a vulnerability, other services connecting to it will also be affected, finally leading to the attacker taking control of the entire system.

Moreover, microservices usually use containers as carriers. This means that applications are packaged into images and run in the microservice architecture as containers in a distributed manner. Containers themselves are vulnerable to threats, such as container escape and container network attacks.

  • DevOps Security

In the big data era that sees rapid growth of networks, many enterprises maintain an “agile” mindset and take “agile” actions. For example, DevOps, as a new development and operations model, shortens the wait time at various stages of the software lifecycle and reduces redundant and manual labor, thus significantly cutting down the problem resolving cost and enhancing the efficiency of agile development. But the preference of agility to security can be a dangerous signal, which has been repeatedly verified in practice[I].

On November 22, 2017, Uber released a statement, acknowledging that the company suffered a breach in 2016 that exposed massive personal information. According to this statement, two hackers attacked Uber through a third-party cloud service, stealing data of 57 million users, including names and license numbers of drivers and names, email addresses, and mobile numbers of customers. The subsequent investigation found that the data breach had been caused by Uber engineers’ storage of security keys for unlocking the database on a GitHub page that was publicly accessible.

This is not the only case where data is disclosed because of misoperations. What deserves particular attention is that the rapid development of cloud environments and DevOps nowadays has brought forth much more security risks. Frans Rosén, a security advisor from the security company Detectify, said in a report released on July 13, 2017 that network administrators too often glossed over rules for configuring AWS’s access control lists (ACLs) and the misconfiguration of servers had caused a large number of data breaches.

More and more consumers, supervisory bodies, and markets have found that the cost of data breaches arising therefrom can be unacceptably exorbitant. Because of the leak of data, hundreds of millions of dollars may be lost in market capital overnight and consumers’ confidence in organizations degraded. In certain circumstances, an organization’s executives may even meet their Waterloo in their careers. Some enterprises relying heavily on data may literally close down due to an unintentional negligence in the storage of keys.

(To be continued)

[I] 10 Things to Get Right for Successful DevSecOps, Gartner, October 2017,