Browse > Article
http://dx.doi.org/10.13089/JKIISC.2021.31.6.1205

A Study on Integrity Protection of Edge Computing Application Based on Container Technology  

Lee, Changhoon (School of Cybersecurity, Korea University)
Shin, Youngjoo (School of Cybersecurity, Korea University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.31, no.6, 2021 , pp. 1205-1214 More about this Journal
Abstract
Edge Computing is used as a solution to the cost problem and transmission delay problem caused by network bandwidth consumption that occurs when IoT/CPS devices are integrated into the cloud by performing artificial intelligence (AI) in an environment close to the data source. Since edge computing runs on devices that provide high-performance computation and network connectivity located in the real world, it is necessary to consider application integrity so that it is not exploited by cyber terrorism that can cause human and material damage. In this paper, we propose a technique to protect the integrity of edge computing applications implemented in a script language that is vulnerable to tampering, such as Python, which is used for implementing artificial intelligence, as container images and then digitally signed. The proposed method is based on the integrity protection technology (Docker Contents Trust) provided by the open source container technology. The Docker Client was modified and used to utilize the whitelist for container signature information so that only containers allowed on edge computing devices can be operated.
Keywords
Edge Computing; Application Integrity; Docker; Container; Docker Contents Trust;
Citations & Related Records
연도 인용수 순위
  • Reference
1 J.H. Hong, K,C. Lee, and S.Y. Lee, "Trends in edge computing technology," Electronics and Telecommunications Trends, 35(6), pp. 78-87, Dec. 2020.   DOI
2 Hyung-Sun Kim and Hong-Chul Lee, "Development of edge cloud platform for IoT based smart factory implementation," Journal of The Korea Society of Computer and Information, 24(5), pp. 49-58, May 2019.   DOI
3 AKM, ASHIQUZZAMAN, Dongsu Lee, Seungmin Oh, Jihoon Lee, and Jinsul Kim, "A Study on deep learning-based product data visualization and intelligent monitoring technology in smart factory environment," Journal of Digital Contents Society, 20(10), pp.1933-1942, Oct. 2019.   DOI
4 Kwihoon Kim and Bangwon Seo "Intelligent construction video management system based on edge computing using deep learning," The Journal of Korean Institute of Information Technology, 17(7), pp. 55-63. Jul. 2019.   DOI
5 Qureshi, Basit, Kamal Kawlaq, Anis Koubaa, Basel Saeed, and Mohammad Younis, "A commodity SBC-edge cluster for smart cities," In 2019 2nd International Conference on Computer Applications & Information Security, pp. 1-6, May 2019.
6 Tsai, Pei-Hsuan, Hua-Jun Hong, An-Chieh Cheng, and Cheng-Hsin Hsu, "Distributed analytics in fog computing platforms using tensorflow and kubernetes," In 2017 19th Asia-Pacific Network Operations and Management Symposium (APNOMS). pp. 145-150, Nov. 2017.
7 Javed, Asad, Jeremy Robert, Keijo Heljanko, and Kary Framling, "IoTEF: AW federated edge-cloud architecture for fault-tolerant IoT applications," Journal of Grid Computing, Vol. 18, pp. 1-24, Mar. 2020.   DOI
8 Jeong, So-Won, Yu-Rim Choi, and Il-Gu Lee. "Cyber killchain based security policy utilizing hash for internet of things," Journal of Digital Convergence, 16(9), pp. 179-185, Sep. 2018.   DOI
9 De Benedictis, Marco, and Antonio Lioy, "Integrity verification of docker containers for a lightweight cloud environment," Future Generation Computer Systems, Vol. 97, pp. 236-246, Aug. 2019.   DOI
10 Content trust in Docker | Docker Documentation, "Content trust in docker",https://docs.docker.com/engine/security/trust/, Nov. 2021.
11 Container Registry | Google Cloud, "Google Container registry",https://cloud.google.com/container-registry/, Nov. 2021.