Secure Isolation Strategy Mechanism Research For Container

Posted on: 2018-12-25
Degree: Master
Type: Thesis
Country: China
Candidate: Q Liu
GTID: 2348330512475555
Subject: Information security

Abstract/Summary:
Cloud computing is generally implemented through virtualization technology. Traditional virtualization can isolate Virtual Machines (VMs) securely, but it consumes a large amount of resources and delivers relatively low performance and economic benefit. Compared with traditional virtualization, operating system-level virtualization based on Linux Containers (LXC) technology has various advantages. First, a container can be started within seconds. In addition, a container uses system resources highly efficiently. Despite these advantages, users focus on the security level of the container mechanism. Thus, the key to attracting more users is to illustrate the efficiency of lightweight virtualization technology, which gains user confidence as a result. A review of current studies shows that most research has focused on the implementation of container isolation technology, while theoretical research on container isolation is lacking. We therefore focus on the study of security strategies for container isolation technology. The work of this dissertation includes:

(1) The formal design of the container isolation strategy mechanism: according to the characteristics of lightweight virtualization and a series of isolation requirements, such as dividing the address space for objects on the system, a formal definition of container isolation is proposed. Based on the container's object address space that the subject can read and write, we propose a set of minimum strategy rules for container isolation.

(2) The security analysis of the container isolation strategy mechanism: based on some techniques for guaranteeing the safety of the system, we argue that the security of the strategy mechanism can be guaranteed from two aspects, the mechanism itself and the runtime system. We verify through formal formulas that the minimum strategy rules satisfy the definition of the container, which ensures the security of the mechanism itself. The security of the isolation requirement, the definition, and the strategy rules during system runtime can be guaranteed through Domain and Type Enforcement (DTE) and the Domain Definition Table (DDT).

(3) The feasibility analysis of the container isolation strategy mechanism: combining Linux container technology and DTE, we propose that the feasibility of the strategy mechanism can be ensured from the aspects of the mechanism itself and the system runtime. The feasibility of the strategy mechanism itself is illustrated through namespace technology and the copy-on-write mechanism. In addition, on the basis of the formalized design of the container isolation strategy mechanism, we propose a detailed implementation of the mechanism, which demonstrates the feasibility of the strategy mechanism during system runtime. Finally, the realization of the container isolation mechanism is presented.
Keywords/Search Tags:Lightweight-virtualization, Container, Isolation Policy, Security, DTE