Implementing a Secured Container Workload in the Cloud
Raheem, Muftau (2021)
Raheem, Muftau
2021
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-202102162362
https://urn.fi/URN:NBN:fi:amk-202102162362
Tiivistelmä
The objective of this thesis was to research the different security controls to consider when implementing container workloads in the cloud, the current threats affecting container workloads in the cloud, the mitigation to the threats and finally find the cloud security recommendations to secure the workloads.
The action-based research methodology was used, where the researcher is actively involved in ensuring that the commissioner is aware of the risks associated with implementing the container workloads in the cloud and implementing the recommended guidelines presented in this study to mitigate the risks. Information security guidelines, benchmarks, scientific and industry whitepapers have been used in the research.
The research shows that securing of container workloads must be with a “shift left” approach in which security is included at every stage of the container lifecycle. A set of threats and associated mitigations were identified to be critical to securely deploy container workloads in the cloud. This research also examined the different hardening techniques of the k8s cloud-managed service and the applicable security standards for organisations to consider when deploying container workloads in the cloud. The result of this thesis will serve as a guideline for the commissioner and other organisations planning to implement a secured container workload in the cloud.
The action-based research methodology was used, where the researcher is actively involved in ensuring that the commissioner is aware of the risks associated with implementing the container workloads in the cloud and implementing the recommended guidelines presented in this study to mitigate the risks. Information security guidelines, benchmarks, scientific and industry whitepapers have been used in the research.
The research shows that securing of container workloads must be with a “shift left” approach in which security is included at every stage of the container lifecycle. A set of threats and associated mitigations were identified to be critical to securely deploy container workloads in the cloud. This research also examined the different hardening techniques of the k8s cloud-managed service and the applicable security standards for organisations to consider when deploying container workloads in the cloud. The result of this thesis will serve as a guideline for the commissioner and other organisations planning to implement a secured container workload in the cloud.