Security Assurance Requirements for Linux Application Container Deployments

Published: October 11, 2017

Author(s)

Ramaswamy Chandramouli

Abstract

In order for security solutions for application container environments to effectively meet their security objectives, it is necessary to analyze those security solutions and detail the metrics they must satisfy in the form of security assurance requirements. Since Linux and its various distributions form the predominant host OS component of the deployed container platforms, the focus of this document is on security assurance requirements for security solutions for application containers hosted on Linux.
Citation: NIST Interagency/Internal Report (NISTIR) - 8176
Report Number:
8176
Pub Type: NIST Pubs

Keywords

application container, capabilities, Cgroups, container image, container registry, kernel loadable module, Linux kernel, namespace, Trusted Platform Module.
Created October 11, 2017, Updated November 10, 2018