Abstract: Serverless computing has rapidly gained popularity for its scalability and cost-efficiency, but it has also introduced significant security challenges, particularly in serverless containers. This paper presents a comprehensive security framework that addresses these challenges. Serverless containers, while flexible and agile, pose risks such as unauthorized access and data breaches due to their ephemeral nature and shared environments.
The framework consists of three key components: enhanced identity and access management using JWT and OIDC, improved container isolation via Docker's Namespace feature and customizable firewall rules, and advanced threat detection techniques encompassing static and dynamic analysis. Experiments demonstrate the framework's effectiveness in enhancing security without compromising performance. This paper discusses the security challenges in serverless containers, outlines the proposed framework, and summarizes experimental results, contributing to a deeper understanding of serverless container security.
Keywords: Serverless Computing, Serverless Containers, Security Framework, Identity and Access Management, JWT (JSON Web Token), OIDC (OpenID Connect), Container Isolation, Docker Namespace, Firewall Rules, Threat Detection Techniques, Static Analysis, Dynamic Analysis, Vulnerability Scanning, Experimental Evaluation, Security Challenges, Unauthorized Access, Data Breaches, Cross-Container Contamination, Ephemeral Containers, Shared Environment.
DOI: 10.17148/IJARCCE.2024.13826