Authors
Sergei Arnautov, Bohdan Trach, Franz Gregor, Thomas Knauth, Andre Martin, Christian Priebe, Joshua Lind, Divya Muthukumaran, Dan O'keeffe, Mark L Stillwell, David Goltzsche, Dave Eyers, Rüdiger Kapitza, Peter Pietzuch, Christof Fetzer
Publication date
2016
Conference
12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 16)
Pages
689-703
Description
In multi-tenant environments, Linux containers managed by Docker or Kubernetes have a lower resource footprint, faster startup times, and higher I/O performance compared to virtual machines (VMs) on hypervisors. Yet their weaker isolation guarantees, enforced through software kernel mechanisms, make it easier for attackers to compromise the confidentiality and integrity of application data within containers.
Total citations
201720182019202020212022202320249413315715417514712920
Scholar articles
S Arnautov, B Trach, F Gregor, T Knauth, A Martin… - 12th USENIX Symposium on Operating Systems …, 2016
S Arnautov, B Trach, F Gregor, T Knauth, A Martin… - Proceedings of the 12th USENIX Conference on …
S Arnautov, B Trach, F Gregor, T Knauth, A Martin… - Proceedings of the 12th USENIX Symposium on …
PR Pietzuch, S Arnautov, B Trach, F Gregor, T Knauth… - 12th USENIX Symposium on Operating Systems …, 2016
S Arnautov, B Trach, F Gregor, T Knauth, A Martin…
S Arnautov, B Trach, F Gregor, T Knauth, A Martin… - 12th USENIX Symposium on Operating Systems …