Multi-tenant-oriented container mirror image security configuration method and system, operation terminal and storage medium

Security configuration and multi-tenant technology, applied in the direction of computer security devices, instruments, software deployment, etc. It addresses problems such as the rapid spread of hazards and achieves the effect of enhancing security and reducing transmission time.

Pending Publication Date: 2019-07-12
SHANDONG CHAOYUE DATA CONTROL ELECTRONICS CO LTD

AI Technical Summary

Problems solved by technology

The Docker container is launched through the Docker image. If the image itself contains security holes or a Trojan horse carefully designed by the attacker, the damage may spread as quickly as a virus.



Embodiment Construction

[0055] The present invention provides a multi-tenant-oriented container image security configuration method. As shown in Figure 1, the method includes:

[0056] S1, the tenant uses the private key of the digital certificate to encrypt the security information of the image layer;

[0057] Depending on how it is used, a tenant may be a user terminal, an operation terminal, a computing node of the system, and so on. Tenants are the ports used by developers, testers, and operation and maintenance personnel.

[0058] The system assigns a digital certificate to each tenant based on the cloud computing environment, and the tenant uses the digital certificate to sign;

[0059] When a tenant edits or creates a new container image layer, the vulnerability scanning service based on the cloud computing environment scans the content of the container image layer to generate a scan summary; the tenant uses a hash algorithm to calculate the content of the container image layer to generate a cont...


Abstract

The invention provides a multi-tenant-oriented container image security configuration method and system, an operation terminal and a storage medium. The method comprises: a tenant using a digital certificate private key to encrypt the image layer security information; storing the security information ciphertext and the tenant information in the image layer; starting the container and verifying each layer in the image; and, after each layer of the container passes verification, completing the container start process. Because container images are layered, resources can be shared: multiple images can share the same bottom image layer, which shortens transmission time and reduces the storage space occupied. The method and the system prevent the risk of image tampering attacks. Digital signature technology and vulnerability scanning technology are mainly used to reconstruct the process by which a container image is generated and used and to enhance the security of the container image, so that the risk of tampering with the container image is prevented and the security of containers in a cloud environment is improved.
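The sign-at-build, verify-every-layer-at-start flow from the abstract, sketched as an added example that is not code from the patent. Ed25519 keys stand in for the tenants' certificate keys, SHA-256 for the unspecified hash algorithm, and the `Layer` struct, tenant names, layer contents and scan strings are all constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Layer is a hypothetical image layer carrying its own security metadata.
type Layer struct {
	Content     []byte
	ScanSummary string // vulnerability-scan summary (constructed sample text)
	Tenant      string // tenant information stored with the signature
	Sig         []byte // tenant signature over content digest + scan summary
}

// signedMessage binds the content digest to the scan summary (SHA-256 is assumed).
func signedMessage(content []byte, scan string) []byte {
	d := sha256.Sum256(content)
	return append(d[:], scan...)
}
func signLayer(priv ed25519.PrivateKey, tenant string, content []byte, scan string) Layer {
	return Layer{content, scan, tenant, ed25519.Sign(priv, signedMessage(content, scan))}
}

// verifyImage checks every layer before start; the first failing layer aborts.
func verifyImage(layers []Layer, keys map[string]ed25519.PublicKey) error {
	for i, l := range layers {
		pub, ok := keys[l.Tenant] // unknown tenants are rejected outright
		if !ok || !ed25519.Verify(pub, signedMessage(l.Content, l.ScanSummary), l.Sig) {
			return fmt.Errorf("layer %d (%s): verification failed", i, l.Tenant)
		}
	}
	return nil
}

// demo signs one layer per tenant, verifies, then tampers with the base layer.
func demo() (clean, tampered error) {
	keys := map[string]ed25519.PublicKey{}
	var image []Layer
	for _, t := range []string{"tenant-a", "tenant-b"} {
		seed := sha256.Sum256([]byte(t)) // constructed deterministic demo key
		priv := ed25519.NewKeyFromSeed(seed[:])
		keys[t] = priv.Public().(ed25519.PublicKey)
		image = append(image, signLayer(priv, t, []byte("layer by "+t), "scan: 0 findings"))
	}
	clean = verifyImage(image, keys)
	image[0].Content = []byte("modified base layer")
	return clean, verifyImage(image, keys)
}
func main() { fmt.Println(demo()) }
```

Because the signature covers both the content digest and the scan summary, swapping in a clean scan result for a modified layer fails the same check as changing the layer bytes.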

Description

Technical field

[0001] The present invention relates to the field of cloud computing data security, in particular to a multi-tenant-oriented container image security configuration method, system, operating terminal and storage medium.

Background technique

[0002] Docker is an LXC-based advanced container engine open sourced by the PaaS provider dotCloud. The source code is hosted on GitHub, is written in the Go language, and is open source under the Apache 2.0 license.

[0003] Docker envisages that the delivery operating environment is like shipping: the operating system is like a freighter, and each piece of software based on the operating system is like a container. Users can freely assemble the operating environment through standardized means. At the same time, the content of the container can be customized by the user or made by professionals. In this way, the delivery of a piece of software is the delivery of a series of standardized components, which is the prototype of the docker-based ...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F8/61, G06F8/71, G06F21/57
CPC: G06F8/63, G06F8/71, G06F21/575
Inventor: 孙大军李若寒元河清孙晓妮
Owner: SHANDONG CHAOYUE DATA CONTROL ELECTRONICS CO LTD