Cloud Security: Inter-Host Docker Container Communication using Vault Dynamic Secrets
Ramesh K V¹, G T Raju²
¹ Mr. Ramesh K V, Ph.D Scholar, Department of Software Consultant, Tanmay Consultancy Pvt Ltd Wokingham UK.
² Dr. G T Raju, Vice-Principal, Professor & HOD, RNSIT Bangalore (Karnataka), India.
Manuscript received on 05 December 2019 | Revised Manuscript received on 13 December 2019 | Manuscript Published on 31 December 2019 | PP: 395-401 | Volume-9 Issue-2S December 2019 | Retrieval Number: B10351292S19/2019©BEIESP | DOI: 10.35940/ijitee.B1035.1292S19
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open-access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: In this paper we attempt to address security issues in inter-host Docker container communication by incorporating a recent approach, the dynamic secrets mechanism provided by HashiCorp Vault, for managing SSH keys and server credentials. A simulation environment is prepared for inter-host container communication, consisting of one host running locally and a peer host running as an AWS EC2 instance in the cloud. The industry-standard monitoring tool Grafana is used in the simulation environment to highlight the security impacts for any organization. We also draw special attention to some of the security vulnerabilities in Docker containers, such as ARP spoofing, the integrity of the Docker host and containers, and MAC flooding attacks. We list some best practices to be followed when using Docker containers in production deployments.
Keywords: Docker Containers, Dynamic Secrets, Grafana, Cloud Security, Vault Hashicorp.
Scope of the Article: Security, Privacy and Trust in IoT & IoE