• Title/Summary/Keyword: Container security


Kubernetes of cloud computing based on STRIDE threat modeling (A Study on the Security Requirements of Kubernetes in Cloud Computing Based on STRIDE Threat Modeling)

  • Lee, Seungwook;Lee, Jaewoo
    • Journal of the Korea Institute of Information and Communication Engineering / v.26 no.7 / pp.1047-1059 / 2022
  • With the development of cloud computing technology, container technology that provides services based on a virtual environment is also developing. Container orchestration technology is a key element for cloud services, and it has become an important core technology for building, deploying, and testing large-scale containers with automation. Originally designed by Google and now managed by the Linux Foundation, Kubernetes is one of the container orchestration platforms and has become the de facto standard. However, despite the increasing use of Kubernetes in container orchestration, the number of incidents due to security vulnerabilities is also increasing. Therefore, in this paper, we study the vulnerabilities of Kubernetes and propose a security policy that can consider security from the initial development or design stage through threat analysis. In particular, we intend to present a specific security guide by classifying security threats by applying STRIDE threat modeling.

Container Vulnerability Intruder Detection Framework based on Memory Trap Technique (Container Vulnerability Intrusion Detection Framework Using a Memory Trap Technique)

  • Choi, Sang-Hoon;Jeon, Woo-Jin;Park, Ki-Woong
    • The Journal of Korean Institute of Next Generation Computing / v.13 no.3 / pp.26-33 / 2017
  • Recently, container technologies have been receiving attention for efficient use of the cloud platform. Container virtualization technology has the advantages of high portability and high density when compared with the existing hypervisor. Container virtualization technology, however, uses virtualization at the operating system level, in which a single kernel is shared to run multiple instances. For this reason, an attacker inside a container can obtain the root privilege of the host operating system. Due to this characteristic of containers, the attacker can attack the root privilege of the host operating system from within the container by utilizing a vulnerability of the kernel. In this paper, we propose a framework for efficiently detecting and responding to root privilege attacks on a host operating system from a container. This framework uses a memory trap technique to detect changes in a specific memory area of a container and to suspend the operation of the container when a change is detected.

A Study on the Standardization of Integrated Container Screening Information

  • 서종희;이준호;박순호
    • Proceedings of the Korean Institute of Navigation and Port Research Conference / 2023.05a / pp.227-229 / 2023
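  • Port containers moved in and out by sea are inspected for compliance with the International Maritime Dangerous Goods (IMDG) Code and checked for container safety, in order to prevent accidents on ships and in ports. However, the screening of containers and dangerous cargo has so far been carried out mostly by manual, human operation. For the automated ports that will accompany the arrival of autonomous ships, automated screening technology is needed, together with operations that allow unmanned, automated screening of target containers. To make use of more advanced and effective container screening technology, this study aims to develop a container screening information standard in order to improve the efficiency of container security screening and to resolve operational inefficiencies in screening activities.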

Exploratory Study on Enhancing Cyber Security for Busan Port Container Terminals (An Exploratory Study on Strengthening Cyber Security at Busan Port Container Terminals)

  • Do-Yeon Ha;Yul-Seong Kim
    • Journal of Navigation and Port Research / v.47 no.6 / pp.437-447 / 2023
  • By actively adopting technologies from the Fourth Industrial Revolution, the port industry is trending toward new types of ports, such as automated and smart ports. However, behind the development of these ports, there is an increasing risk of cyber security incidents and threats within ports and container terminals, including information leakage through cargo handling equipment and ransomware attacks leading to disruptions in terminal operations. Despite the necessity of research to enhance cyber security within ports, there is a lack of such studies in the domestic context. This study focuses on Busan Port, a representative port in South Korea that actively incorporates technology from the Fourth Industrial Revolution, in order to discover variables for improving cyber security in container terminals. The research results categorized factors for enhancing cyber security in Busan Port's container terminals into network construction and policy support, standardization of education and personnel training, and legal and regulatory factors. Subsequently, multiple regression analysis was conducted based on these factors, leading to the identification of detailed factors for securing and enhancing safety, reliability, performance, and satisfaction in Busan Port's container terminals. The significance of this study lies in providing direction for enhancing cyber security in Busan Port's container terminals and addressing the increasing incidents of cyber security attacks within ports and container terminals.

Design and Implementation of Container Security Device(CSD) based on IEEE standards 802.15.4b (Implementation and Verification of a Container Security Device (CSD) System Based on IEEE Standard 802.15.4b)

  • Lee, Eun-Kyu;Shon, Jung-Rock;Choi, Sung-Pill;Moon, Young-Sik;Kim, Jae-Joong;Choi, Hyung-Rim
    • Journal of the Korea Institute of Information and Communication Engineering / v.15 no.7 / pp.1613-1620 / 2011
  • CSD is IEEE Standard 802.15.4b based Container Security Device which is proposed by the U.S Department of Home Security. It is mounted inside the container to sense opening of the container door. ConTracer is the CSD which is developed in this research whose major features are sensing door opening status as well as history inquiring on internal environment and shock to the container by mounting the temperature/humidity/shock sensors. Moreover, its RFID frequency bandwidth uses 2.4GHz to correspond actively to the radio regulations used by different countries. This paper introduces the development trend of CSD, compares the ConTracer which is developed thru this research and other company's CSD, and introduces CSD System which is designed and established using ConTracer. Finally, the implemented CSD System is verified by applying the demonstration service to container distribution between Korea and Japan.

Intellization of Containers using IoT and Blockchain (Implementing Intelligent Containers Using IoT and Blockchain)

  • Kim, Young-Eun;Kim, Hyun-A;Moon, Ji-Eun;Lee, Hwa-Gyeong;Kim, seokjung
    • Proceedings of the Korea Information Processing Society Conference / 2020.11a / pp.478-481 / 2020
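  • Targeting the existing container cargo used in maritime transport, this work builds a real-time IoT monitoring system using equipment mounted inside the container, together with a blockchain for container information security, strengthening convenience and security and thereby making the container intelligent. Through this study, the shortcomings of maritime transport can be addressed, and it can be expected that containers can be made intelligent without major changes to the dimensions and format of existing containers.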

A Study for Applying for the Server Virtualization Technology based on Application Characteristics (An Approach to Applying Server Virtualization Technology That Reflects Application Characteristics)

  • Kim, Hyeon-Jeong;Lee, Sang-Gil;Lee, Cheol-Hoon
    • Proceedings of the Korean Society of Computer Information Conference / 2021.01a / pp.1-3 / 2021
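  • Server virtualization technology is evolving from the early hypervisor approach to container technology, which can increase business agility. However, container technology shares the operating system and involves frequent builds and deployments, which raises concerns about security and stability. Accordingly, this paper compares and analyzes hypervisor and container technologies as server virtualization technologies, and analyzes application characteristics. Hypervisor technology offers high stability through hardware virtualization, but has the disadvantages of being complex, heavy, and slow. Container technology is lighter and performs better than a hypervisor, but has the disadvantage that security and stability problems may occur. On this basis, we propose that hypervisor technology, with its superior stability, is suitable for applications with mission-critical workloads, and that container technology, with flexible server scaling and superior performance, is suitable for applications whose resource usage is variable.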

A Study on Pipeline Design Methods for Providing Secure Container Image Registry (A Study on Pipeline Design Approaches for Providing a Secure Container Image Registry)

  • Seong-Jae Ko;Sun-Jib Kim
    • Journal of Internet of Things and Convergence / v.9 no.3 / pp.21-26 / 2023
  • The development and distribution approach of applications is transitioning from a monolithic architecture to microservices, and containerization, a lightweight virtualization technology, is becoming a core IT technology. However, unlike traditional virtual machines based on hypervisors, container technology does not provide concrete security boundaries as it shares the same kernel. According to various preceding studies, there are many security vulnerabilities in most container images that are currently shared. Accordingly, attackers may attempt exploitation by using security vulnerabilities, which may seriously affect the system environment. Therefore, in this study, we propose an efficient automated deployment pipeline design to prevent the distribution of container images with security vulnerabilities, aiming to provide a secure container environment. Through this approach, we can ensure a safe container environment.

A Study on The Development of Container Security Device(CSD) based on Active RFID (A Study on the Development of an Active RFID-Based Container Security Device (CSD))

  • Choi, Hyung-Rim;Kim, Jae-Joong;Kang, Moo-Hong;Shin, Joong-Jo;Shon, Jung-Rock;Moon, Young-Sik;Lee, Eun-Kyu
    • The Journal of Korean Institute of Communications and Information Sciences / v.35 no.2B / pp.244-251 / 2010
  • CSD is Active RFID based Container Security Device which is proposed by the U.S Department of Home Security. It is mounted inside the container to sense opening of the container door. ConTracer is the CSD which is developed in this research whose major features are sensing door opening status as well as history inquiring on internal environment and shock to the container by mounting the temperature/humidity/shock sensors. Moreover, its RFID frequency bandwidth uses 433MHz and 2.4GHz to correspond actively to the radio regulations used by different countries. This paper introduces the development trend of CSD, compares the ConTracer which is developed thru this research and other company's CSD, and introduces CSD System which is designed and established using ConTracer. Finally, the implemented CSD System is verified by applying the demonstration service to container distribution between Korea and China.

Implementation of Opensource-Based Automatic Monitoring Service Deployment and Image Integrity Checkers for Cloud-Native Environment (Implementation of Open-Source-Based Easy Deployment of a Monitoring Service and an Image Signature Checker for Cloud-Native Environments)

  • Gwak, Songi;Nguyen-Vu, Long;Jung, Souhwan
    • Journal of the Korea Institute of Information Security & Cryptology / v.32 no.4 / pp.637-645 / 2022
  • Cloud computing has been gaining popularity over decades, and container, a technology that is primarily used in cloud native applications, is also drawing attention. Although container technologies are lighter and more capable than conventional VMs, there are several security threats, such as sharing kernels with host systems or uploading/downloading images from the image registry, one of which concerns the integrity of container images. In addition, runtime security while the container application is running is very important, and monitoring the behavior of the container application at runtime can help detect abnormal behavior occurring in the container. Therefore, in this paper, first, we implement a signing checker that automatically checks the signature of an image based on the existing Docker Content Trust (DCT) technology to ensure the integrity of the container image. Next, based on falco, an open source project of the Cloud Native Computing Foundation (CNCF), we introduce a newly created image for the convenience of the existing falco image, and propose an implementation of docker-compose and package configuration that easily builds a monitoring system.