Unlock instant, AI-driven research and patent intelligence for your innovation.

Dependency-Based Container Mirror Library Security Evaluation System and Method

A dependency and security assessment technology, applied in the field of dependency-based container image library security assessment system, can solve problems such as consuming a lot of time

Active Publication Date: 2022-06-28
SHANGHAI JIAOTONG UNIV
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In view of the existing technologies mentioned above, the inventor believes that the problem of this method is that it takes a lot of time to download the image to the local evaluation. Therefore, when a security vulnerability breaks out, it is difficult to complete the large-scale container image in a short time. Security Assessment Methods for Libraries

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Dependency-Based Container Mirror Library Security Evaluation System and Method
  • Dependency-Based Container Mirror Library Security Evaluation System and Method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0039] The present invention will be described in detail below in conjunction with specific embodiments. The following examples will help those skilled in the art to further understand the present invention, but do not limit the present invention in any form. It should be noted that those skilled in the art can make several changes and improvements without departing from the concept of the present invention. These all belong to the protection scope of the present invention.

[0040] The embodiment of the present invention discloses a dependency-based container mirror library security assessment system, such as figure 1 and figure 2 As shown, it includes the management node and the detection node, and the management node and the detection node exchange data through the distributed task scheduling technology message channel to work together. The distributed task scheduling technology adopts the Gearman distributed task scheduling framework. The management node builds a cont...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention provides a system and method for evaluating the security of a container image library based on dependencies, including a management node and a detection node, and the management node and the detection node exchange data and work together; the management node completes the container image dependency tree in the container warehouse Build and update the container image dependency tree, and deliver the container image detection task; the detection node receives the delivered container image detection task, and the container image detection task performs a complete security inspection on the container image; if there is a security risk in the container image, issue The sub-mirror detection task is given to the detection node; the sub-mirror detection task issued by the detection node searches for all sub-mirrors of the container image in the container image dependency tree, and detects whether the files with security risks are repaired in the sub-mirror. The invention is beneficial to evaluate the impact range of vulnerabilities, to detect potential safety hazards in the container image, and has the effect of large-scale analysis of the security of the image in the container image library.

Description

technical field [0001] The present invention relates to the technical field of container mirror library security assessment, in particular to a dependency relationship-based container mirror library security assessment system and method. Background technique [0002] The mode of deploying and running software in a virtual environment based on container technology has brought great convenience, and the way of compiling once and deploying multiple times has brought increasing user needs. Among them, large manufacturers such as Docker, Red Hat, and Google have established official storage warehouses containing a large number of container images. At the same time, security issues in its container ecological environment continue to occur, especially after insecure images are mixed into storage warehouses. Due to the existence of various complex dependencies between images, users can freely choose to generate an image that may depend on A new instance of an insecure image, theref...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/57
CPCG06F21/577G06F21/572G06F2221/033G06F2221/034
Inventor 陈力波夏懿航李嘉琦姜开达王轶骏薛质
Owner SHANGHAI JIAOTONG UNIV