Hide/Show Apps

Secure model for efficient live migration of containers

Download
2019
Mavuş, Zeynep
Cloud services have become increasingly widespread in the past decade due to their ability to reduce the complexity and cost of managing computers and networks. Cloud applications are run in virtualized environments such as virtual machines and containers to be able to allocate resources in an inexpensive manner. Both of these approaches require effective resource utilization, for which an important enabling technology is live migration, which involves moving a service from one host to another with the minimum possible downtime. Live migration is also required for system maintenance, load balancing, and protecting services from attacks through moving target defense. While migrating a service, the system should not be vulnerable to attacks. In this work, we propose a secure model for efficient live migration of containers. Because the applications are isolated from each other while running in Docker containers, checkpointing was used to generate the required migration data. In our proposed model, we provide security of the migration data using secure authentication, and ensuring all connections between the nodes are protected to provide communication security, making the system protected against migration attacks. The efficiency of the migration system designed based on the proposed model has been proven on stateless and stateful sample applications. Experiments with sample applications running on the Docker container platform demonstrate that the proposed approach achieves significantly better performance than its virtual machine live migration counterpart.