Managed Containers for Increased Cyber-Resilience
Merino Aguilera, Xavier J
MetadataShow full item record
Traditional defense mechanisms are no longer adequate in protecting critical infrastructure and mission critical systems. These systems require to be always-on-always-connected. High availability and data integrity become crucial to deliver their mission. Unable to guarantee uncompromisable security and given that systems will inevitably be attacked, we must change our goals to guarantee mission survivability, the ability of the system to fight through the attack. Previous work has been done to increase availability and integrity using virtual machines. We move away from virtual machines towards Linux containers and implement resiliency strategies to guarantee stateful system recovery after an attack. The goal of this thesis is to improve resiliency technology to fight through cyberattacks. We show this through Flooid, our resiliency platform, designed to orchestrate and manage the container lifecycle while enforcing security and applying resilient techniques. Flooid allows to deploy an application, enforce its security, and return it to a secure state in case of a cyber-attack.