DIVDS: Docker Image Vulnerability Diagnostic System

Soonhong Kwon; Jong-Hyouk Lee

doi:10.1109/ACCESS.2020.2976874

IEEE Access (Jan 2020)

DIVDS: Docker Image Vulnerability Diagnostic System

Soonhong Kwon,
Jong-Hyouk Lee

Affiliations

Soonhong Kwon: Department of Software, Protocol Engineering Laboratory, Sangmyung University, Cheonan, South Korea
Jong-Hyouk Lee: ORCiD; Department of Software, Protocol Engineering Laboratory, Sangmyung University, Cheonan, South Korea

DOI: https://doi.org/10.1109/ACCESS.2020.2976874
Journal volume & issue: Vol. 8
pp. 42666 – 42673

Abstract

Read online

Since the development of Docker in 2013, container utilization projects have emerged in various fields. Docker has the advantage of being able to quickly share application build environments among developers through container technology, but it does not provide security guarantees for known security vulnerabilities inside Docker images. Since the Docker images are shared without a means of security vulnerability diagnostic, polluted Docker images can be distributed so that the Docker-based application build environments can be easily collapsed. In this paper, we introduce a Docker Image Vulnerability Diagnostic System (DIVDS) for a reliable Docker environment. The proposed DIVDS diagnoses Docker images when uploading or downloading the Docker images from a Docker image repository.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords