DOCSLIB.ORG

Security Considerations for Internet of Things: a Survey

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Security Considerations for Internet of Things: a Survey SN Computer Science (2020) 1:193 https://doi.org/10.1007/s42979-020-00201-3 SURVEY ARTICLE Security Considerations for Internet of Things: A Survey Anca Jurcut1 · Tiberiu Niculcea1 · Pasika Ranaweera1 · Nhien‑An Le‑Khac1 Received: 27 January 2020 / Accepted: 18 May 2020 © Springer Nature Singapore Pte Ltd 2020 Abstract Interconnecting “things” and devices that takes the form of wearables, sensors, actuators, mobiles, computers, meters, or even vehicles is a critical requirement for the current era. These inter-networked connections are serving the emerging applications home and building automation, smart cities and infrastructure, smart industries, and smart-everything. However, the security of these connected Internet of things (IoT) plays a centric role with no margin for error. After a review of the relevant, online literature on the topic and after looking at the market trends and developments, one can notice that there are still concerns with regard to security in IoT products and services. This paper is focusing on a survey on IoT security and aims to highlight the most signifcant problems related to safety and security in the IoT ecosystems. This survey identifes the general threat and attack vectors against IoT devices while highlighting the faws and weak points that can lead to breaching the security. Furthermore, this paper presents solutions for remediation of the compromised security, as well as methods for risk mitiga- tion, with prevention and improvement suggestions. Keywords IoT security · IoT threats · Risk mitigation · Quantum computing · Blockchain Introduction As IoT devices are interconnecting at every level and eve- rywhere, interacting with each other and the human beings, Internet of things (IoT) is the future of the Internet that will it is evident that security takes the spotlight. Securing these interconnect billions of intelligent communicating ’things’ devices will become everyone’s priority, from manufactur- to cater diverse services to Information Technology (IT) ers to silicon vendors (or IP developers), to software and users on a daily basis [92]. The IoT continues to afect the application developers, and to the fnal consumer, the ben- whole aspects of one’s private and professional life. In the efciary of the security “recipe” that will accompany these industrial sector, for example, smart devices will evolve to IoT products. Together, they need to adapt to the market become active contributors to the business process improv- demands, innovate and improve processes, grasp new skills ing the revenues of equipment manufacturers, Internet-based and learn new methods, raise the awareness, and elaborate services providers, and application developers [3]. The IoT new training and curricula programs. security is the area of endeavour concerned with safeguard- The wearables are a hallmark of IoT, with designs that ing connected devices and networks in the Internet of things incorporate practical functions and features. From health to environment. fashion and ftness-oriented devices, wearables make tech- nology pervasive by interweaving it into daily life [105]. The main goal of these apparatus is to gather data such as heart- * Anca Jurcut beat, burned calories, body or environment temperature, and [email protected] so on and send it to the user for information purposes [8]. Tiberiu Niculcea The wearables need to store the data locally or to the cloud, [email protected] to generate historical reports about the achieved progress Pasika Ranaweera of the user. [email protected] Undoubtedly, the smart home collects as well an enor- Nhien-An Le-Khac mous amount of private information. For example, it may [email protected] store the records about the absence or movements of the 1 School of Computer Science, University College Dublin, inhabitants, the temperature levels of the house in diferent Dublin, Ireland SN Computer Science Vol.:(0123456789) 193 Page 2 of 19 SN Computer Science (2020) 1:193 rooms, the water and electricity usage, and so on [139]. Contribution Much like the emerging smart homes, the smart ofce or smart building automatically controls energy-consuming This paper addresses some of the trending problems in devices such as heaters and lights to achieve a better ef- the IoT, such as the inefective identity, access, and trust ciency without human intervention or micromanaging management, by presenting solutions that are available [131]. in the market. The review of the most common threats Smart cities use IoT devices like the connected sensors, and attacks raises the awareness about the importance of lights, and meters to collect and analyse data for further security, whereas exploring the reasons for safety breach usage in improving the infrastructure, public utilities and boosts the understanding about why the IoT devices are services, and much more [49]. The use cases are countless, still vulnerable. Depending on the fault tolerance capa- but arguably the most important implementation is the smart bilities of the apparatus in the aftermath of an attack, the grids, which helps tremendously with resource conservation remediation is not always possible, leading to the immedi- [19]. In the smart healthcare domain, IoT technologies have ate replacement of the device for a new one. The operation many applications, and some of them are the tracking of is costly, labour-intensive, and time-consuming. Therefore, objects and people, including patients, staf or ambulance, risk mitigation needs to be considered by everyone playing identifcation of individuals based on pervasive shared biom- a role in the market. Mitigating risk starts with preventing etrics, and automatic data gathering and sensing [141]. the threat from happening. This survey ofers guidance for The industrial Internet of things (IIoT), known as Indus- threat and attack prevention by: try 4.0, revolutionizes the manufacturing by enabling the addition and accessibility of far greater amounts of data, at • showing how to raise the level and posture of security higher speeds, and a lot more efciently than before [16]. • describing best practices for product design, manufac- IIoT networks of smart devices allow industrial organiza- turing and development tions to open big data containers and connect people, data, • advising the consumers and lawmakers to be security- and processes from the factory foors to the ofces of their minded executive leaders. Business managers can use IIoT data to • proposing a new design: Another important step in the get a full and accurate view of their enterprise health, which reduction of the risk is to innovate and seek improve- will assist them to make better decisions. ment. The IoT is also revolutionizing the supply chain manage- ment (SCM), a foundational business process that impacts This research proposes a new design, with mentions of nearly every enterprise [114]. Some of the possible use cases disruptive technologies in order to replace the usage of for SCM are asset tracking and feet management. Asset the IT-related system and network models in the IoT eco- tracking is possible based on radio frequency identifca- system. The study elaborates as well on the issues posed tion (RFID) tags or subscriber identity/identifcation mod- by the scalability, complexity, and management of the IoT ule (SIM) cards with global coverage. This facility allows networks and identifes solutions for addressing it. With a supply chain manager to locate where a product, truck, the advancement of quantum computing, big data and arti- or shipping container is, at one given time. Also, the feet fcial intelligence (AI), predictive data analytics plays an management enhances operators to know whether asset reli- important role not only in forecasting the future mainte- ability, availability, and efciency are all optimized. nance or the need for process optimization, but also in The Internet of things is present at every level and sector identifying device security weaknesses, data breach, and of the society and will be even more rooted in, to become the future possible attacks, before they even happen. new everyday normal. As IoT is everywhere, so should pri- vacy and security be, inbuilt from the schematics of a prod- uct designer, until the last technician to infuence in a way Paper Organization or the other, the fnite apparatus. These devices undoubt- edly will allow humans to become more efcient with their Rest of the paper is organized into fve sections. Sec- time, energy, and money in ways that are easy to forecast. tion “ Related Work” summarizes the related surveys Still, the lack of proper security frameworks and safeguards and researches that focus on IoT security aspects. In that could lead to privacy being compromised and valuable data section, we have attempted to classify the material under exfltration to become possible. The convenience that IoT general, identity management, access control, and trust products and services bring to the lives of individuals has management. General IoT threats and vulnerabilities are its price tag, and it could turn out to be a high bill in the end presented in Sect. “General IoT Threats, Attacks, andVul- if security is not taken seriously by all the players of the IoT nerabilities” where a summary of the threats and attacks ecosystem. SN Computer Science SN Computer Science (2020) 1:193 Page 3 of 19 193 are tabulated in Table 1. Our main contribution of this architecture, and hardware sepcand points out the security paper is mentioned in Sect. “Risk
Load more

Recommended publications
  • 2Nd Edition, 2019
    2nd edition, 2019 Contents Cyber risks: New actors and threats ...........................................................................................................6 Security awareness: 10 statistics you’ll want to read .................................................................................7 Cyber Security from Orange ......................................................................................................................8 Distribution of threats by business vertical ...............................................................................................10 Distribution of threats by type ...................................................................................................................13 Mobile malware .........................................................................................................................................19 Global mapping of cyberattacks ...............................................................................................................20 Vulnerability distribution by criticality ........................................................................................................22 Timeline of events .....................................................................................................................................24 Education, Innovation, Research ..............................................................................................................28 Highlights: Relenting control - A new era of automation ..........................................................................32
    [Show full text]
  • The Effectiveness of the TOR Anonymity Network by David
    The Effectiveness of the Tor Anonymity Network David Gingerich 68-590-K 11/30/2014 Abstract Recent reports of government agencies monitoring their own citizens’ internet activity has led to an increasing demand for anonymity on internet. The purpose of this project is to present the research and findings that relate to the reliability of the web anonymity network Tor. Tor works by relaying public internet traffic to a predetermined set of nodes that hide the original sender and receiver’s information from an individual's internet traffic as it travels over the internet. Each Tor node only knows which node the packet came from and where the packet is going. The project explains the core technologies that make Tor work as well as the various attacks that Tor is designed to circumvent. Tor’s roots as an anonymity project designed by the US Naval Laboratory intended to protect the identities of government employees working out of hostile territories, to its current status as a non-profit organization is detailed. The reader will be guided through an explanation of how Tor works, as well as how Tor’s hidden services allow for a website’s physical location to be hidden. The reader is also guided through various examples of when the Tor network’s integrity was faulted, as Tor is a common target of various US government agencies such as the National Security Agency (NSA) and the Federal Bureau of Investigation (FBI). Over the last several years many Tor users’ identities have been exposed due to various factors that were of their own makings.
    [Show full text]
  • On the Reliability of Network Eavesdropping Tools
    Chapter 16 ON THE RELIABILITY OF NETWORK EAVESDROPPING TOOLS Eric Cronin, Micah Sherr and Matthew Blaze Abstract This paper analyzes the problem of intercepting Internet traffic from the eavesdropper's point of view. It examines the reliability and accuracy of transcripts, and shows that obtaining "high fidelity" transcripts is harder than previously assumed . Even in highly favorable situations, such as capturing unencrypted traffic using standard protocols, simple - and entirely unilateral - countermeasures are shown to be sufficient to prevent accurate traffic analysis in many Internet interception configu- rations. In particular, these countermeasures were successful against ev- ery available eavesdropping system we tested. Central to our approach is a new class of "confusion" techniques, that unlike cryptography or steganography, do not require cooperation by the communicating par- ties and, in some cases, can be employed entirely by a third party who is not involved in the communication. Keywords: Eavesdropping, electronic interception, countermeasures 1. Introduction The results of Internet interceptions are almost always accepted un- critically. While previous work has shown the potential for spurious errors [1, 3J or evasion [13, 15] to interfere with capture, there has been remarkably little exploration of the problems that face eavesdroppers who wish to ensure the accuracy of their intercepts. We assert that the eavesdropping task is far more difficult than has previously been real- ized, and show that existing tools are insufficient
    [Show full text]
  • A Survey on Ethical Hacking: Issues and Challenges
    ASURVEY ON ETHICAL HACKING:ISSUES AND CHALLENGES APREPRINT Jean-Paul A. Yaacoub, Hassan N. Noura, Ola Salman, Ali Chehab American University of Beirut, Electrical and Computer Engineering Department, Beirut 1107 2020, Lebanon March 30, 2021 ABSTRACT Security attacks are growing in an exponential manner and their impact on existing systems is seriously high and can lead to dangerous consequences. However, in order to reduce the effect of these attacks, penetration tests are highly required, and can be considered as a suitable solution for this task. Therefore, the main focus of this paper is to explain the technical and non-technical steps of penetration tests. The objective of penetration tests is to make existing systems and their corresponding data more secure, efficient and resilient. In other terms, pen testing is a simulated attack with the goal of identifying any exploitable vulnerability or/and a security gap. In fact, any identified exploitable vulnerability will be used to conduct attacks on systems, devices, or personnel. This growing problem should be solved and mitigated to reach better resistance against these attacks. Moreover, the advantages and limitations of penetration tests are also listed. The main issue of penetration tests that it is efficient to detect known vulnerabilities. Therefore, in order to resist unknown vulnerabilities, a new kind of modern penetration tests is required, in addition to reinforcing the use of shadows honeypots. This can also be done by reinforcing the anomaly detection of intrusion detection/prevention system. In fact, security is increased by designing an efficient cooperation between the different security elements and penetration tests.
    [Show full text]
  • The Eavesdropper's Dilemma
    Technical Report MS-CIS-05-24 The Eavesdropper’s Dilemma Eric Cronin, Micah Sherr, and Matt Blaze Distributed Systems Lab Department of Computer and Information Science University of Pennsylvania {ecronin,msherr,blaze}@cis.upenn.edu Abstract This paper examines the problem of surreptitious Internet interception from the eavesdropper’s point of view. We introduce the notion of ‘fidelity” in digital eavesdropping. In particular, we formalize several kinds of “network noise” that might degrade fidelity, most notably “confusion,” and show that reliable network interception may not be as simple as previously thought or even always possible. Finally, we suggest requirements for “high fidelity” network interception, and show how systems that do not meet these requirements can be vulnerable to countermeasures, which in some cases can be performed entirely by a third party without the cooperation or even knowledge of the communicating parties. 1 Introduction Among the most basic simplifying assumptions of modern communications security is the notion that most commu- nication channels should, by their very nature, be considered vulnerable to interception. It has long been considered almost reckless to suggest depending on any supposed intrinsic security properties of the network itself1, and espe- cially foolish in complex, decentralized, heterogeneously-controlled networks such as the modern Internet. Orthodox doctrine is that any security must be either provided end-to-end (as with cryptography), or not considered to exist at all. While this rule-of-thumb well serves cautious confidential communicators, it is unsatisfying from the point of view of the eavesdropper. Paradoxically, while end-to-end security may be a prudent requirement for assuring confidential- ity in most networks, it does not follow that a lack of end-to-end security automatically makes it possible to eavesdrop effectively.
    [Show full text]
  • A Survey on Authentication Attacks and Countermeasures in a Distributed
    Jesudoss A. et.al / Indian Journal of Computer Science and Engineering (IJCSE) A SURVEY ON AUTHENTICATION ATTACKS AND COUNTERMEASURES IN A DISTRIBUTED ENVIRONMENT Jesudoss A.#1 Research Scholar, Faculty of Computer Science and Engineering, Sathyabama University, Chennai, Tamil Nadu, India1 [email protected], [email protected]# Subramaniam N.P.*2 Asst. Professor, Department of EEE, Pondicherry Engineering College, Puducherry, India2 [email protected], [email protected] * Abstract Web applications are not capable of many security attacks. Many attacks needed only minimum effort. In this paper, we analyze different possible attacks on authentication aspects of security and propose various countermeasures for mitigating attacks. This paper enables you to shield your web applications from various attacks on authentication. Different types of authentication mechanisms have also been suggested for different types of attacks. Keywords: Authentication; Attack; Countermeasures; Vulnerabilities; Threats; Security. 1. Introduction Due to flaws in many conventional authentication systems, many password attacks have occurred [1]. Determining one’s identity helps to maintain their user accounts on online transactions and services. The authentication is essential to avoid identity theft. Authentication is the process of confirming an individual, whether he is the person that he claims to be. Authentication is one important aspect of security that has to be addressed effectively [2]. Otherwise the other aspects of security such as authorization, availability, auditing, confidentiality, integrity and non-repudiation may also be easily compromised. In Paper [2], various authentication methods have been discussed in detail. This paper focuses on various attacks on authentication aspects of security. It is crucial to understand the differences between Vulnerabilities, Threats and attacks [3].
    [Show full text]
  • All-Type-Of-Attack
    Attack Types Documented by: Mr. Ahmed Khan Mr. Dipak Mr. Kannan Mr. Kiran Mr. Kulkarni Madunix Mr. Mohamed Iqbal Mr. Nitai Mr. Sagar Mr. Shrikanth Draft Copy : 01.03 Attacks • An attack is any attempt to destroy, expose, alter, disable, steal or gain unauthorized access to or make unauthorized use of an asset. • Without proper security measures and controls in place, our data might be subjected to an attack. Some attacks are passive, meaning information is monitored; others are active, meaning the information is altered with intent to corrupt or destroy the data or the network itself. • Attacks can be Insider or via external Attacks Active Attacks: An active attack is a network exploit ation in which a hacker attempts to make changes to data on the target or data en route to the target. Passive Attacks: A passive attack is a network attack in which a system is monitored and sometimes scanned for open ports and vulnerabilities. The purpose is solely to gain information about the target and no data is changed on the target. Active :Listens Passive : Modifies Man-In-The-Middle AKA MITM • It is an attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other. Countermeasures • Digital signature • Mutual authentication Brute Force • A brute-force attack consists of an attacker trying many passwords or passphrases with the hope of eventually guessing correctly • The attacker systematically checks all possible passwords and passphrases until the correct one is found. • When password guessing, this method is very fast when used to check all short passwords.
    [Show full text]
  • Security Guidelines for Storage Infrastructure
    NIST Special Publication 800-209 Security Guidelines for Storage Infrastructure Ramaswamy Chandramouli Doron Pinhas This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-209 NIST Special Publication 800-209 Security Guidelines for Storage Infrastructure Ramaswamy Chandramouli Computer Security Division Information Technology Laboratory Doron Pinhas Continuity Software New York, NY This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-209 October 2020 U.S. Department of Commerce Wilbur L. Ross, Jr., Secretary National Institute of Standards and Technology Walter Copan, NIST Director and Under Secretary of Commerce for Standards and Technology Authority This publication has been developed by NIST in accordance with its statutory responsibilities under the Federal Information Security Modernization Act (FISMA) of 2014, 44 U.S.C. § 3551 et seq., Public Law (P.L.) 113-283. NIST is responsible for developing information security standards and guidelines, including minimum requirements for federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate federal officials exercising policy authority over such systems. This guideline is consistent with the requirements of the Office of Management and Budget (OMB) Circular A-130. Nothing in this publication should be taken to contradict the standards and guidelines made mandatory and binding on federal agencies by the Secretary of Commerce under statutory authority. Nor should these guidelines be interpreted as altering or superseding the existing authorities of the Secretary of Commerce, Director of the OMB, or any other federal official. This publication may be used by nongovernmental organizations on a voluntary basis and is not subject to copyright in the United States.
    [Show full text]
  • Criminal Justice Information Services (CJIS) Security Policy
    U. S. Department of Justice Federal Bureau of Investigation Criminal Justice Information Services Division Criminal Justice Information Services (CJIS) Security Policy Version 5.5 06/01/2016 CJISD-ITS-DOC-08140-5.5 Prepared by: CJIS Information Security Officer Approved by: CJIS Advisory Policy Board EXECUTIVE SUMMARY Law enforcement needs timely and secure access to services that provide data wherever and whenever for stopping and reducing crime. In response to these needs, the Advisory Policy Board (APB) recommended to the Federal Bureau of Investigation (FBI) that the Criminal Justice Information Services (CJIS) Division authorize the expansion of the existing security management structure in 1998. Administered through a shared management philosophy, the CJIS Security Policy contains information security requirements, guidelines, and agreements reflecting the will of law enforcement and criminal justice agencies for protecting the sources, transmission, storage, and generation of Criminal Justice Information (CJI). The Federal Information Security Management Act of 2002 provides further legal basis for the APB approved management, operational, and technical security requirements mandated to protect CJI and by extension the hardware, software and infrastructure required to enable the services provided by the criminal justice community. The essential premise of the CJIS Security Policy is to provide appropriate controls to protect the full lifecycle of CJI, whether at rest or in transit. The CJIS Security Policy provides guidance for the creation, viewing, modification, transmission, dissemination, storage, and destruction of CJI. This Policy applies to every individual—contractor, private entity, noncriminal justice agency representative, or member of a criminal justice entity—with access to, or who operate in support of, criminal justice services and information.
    [Show full text]
  • White Hat Hacking
    M.Sc. in Cyber Security CSP-16 WHITE HAT HACKING Block 1 INTRODUCTION TO HACKING Unit – 1 Overview of Hacking Unit – 2 Footprinting & Reconnaissance Unit – 3 System Hacking Unit – 4 Sniffers EXPERT COMMITTEE Dr. P.K Behera (Chairman) Reader in Computer Science Utkal University Bhubaneswar, Odisha Dr.J.RMohanty (Member) Professor and HOD KIIT University Bhubaneswar, Odisha Sri PabitranandaPattnaik (Member) Scientist-E, NIC Bhubaneswar, Odisha Sri Malaya Kumar Das (Member) Scientist-E, NIC Bhubaneswar, Odisha Dr. Bhagirathi Nayak (Member) Professor and Head (IT & System) Sri Sri University, Bhubaneswar,Odisha Dr.Manoranjan Pradhan (Member) Professor and Head (IT & System) G.I.T.A Bhubaneswar, Odisha Sri Chandrakant Mallick (Convener) Consultant (Academic) School of Computer and Information Science Odisha State Open University Sambalpur, Odisha M.Sc. in Cyber Security Course Writers Bijay Kumar Paikaray Centurion University of Technology and Management, Odisha Editor Chandrakant Mallick College of Engineering, Bhubaneswar UNIT-1 Overview of Hacking Unit Structure 1.0 Introduction 1.1 Learning Objective 1.2 What is Hacking? 1.3 What is a Hacker? 1.3.1 Who is a Hacker? 1.3.2 Who is attacking you? 1.3.3 Types of Hackers 1.4 What is Cybercrime? 1.4.1 Type of Cybercrime 1.5 What is a Security Threat? 1.5.1 What are Physical Threats? 1.5.2 What are Non-physical threats? 1.6 What is a programming language? 1.6.1 Why should you learn how to program? 1.6.2 What languages should we learn? 1.6.3 Programming languages that are useful to hackers 1.6.4
    [Show full text]
  • On the Reliability of Current Generation Network Eavesdropping Tools
    University of Pennsylvania ScholarlyCommons Departmental Papers (CIS) Department of Computer & Information Science January 2006 On the Reliability of Current Generation Network Eavesdropping Tools Eric Cronin University of Pennsylvania, [email protected] Micah Sherr University of Pennsylvania, [email protected] Matthew A. Blaze University of Pennsylvania, [email protected] Follow this and additional works at: https://repository.upenn.edu/cis_papers Recommended Citation Eric Cronin, Micah Sherr, and Matthew A. Blaze, "On the Reliability of Current Generation Network Eavesdropping Tools", . January 2006. Postprint version. Published in International Federation for Information Processing, Volume 222, Advances in Digital Forensics II, edited by Martin S. Olivier, Sujeet Shenoi (Boston: Springer, 2006), pages 199-214. This paper is posted at ScholarlyCommons. https://repository.upenn.edu/cis_papers/303 For more information, please contact [email protected]. On the Reliability of Current Generation Network Eavesdropping Tools Abstract This paper analyzes the problem of interception of Internet traffic omfr the eavesdropper's point of view. We examine the reliability and accuracy of transcripts, and show that obtaining "high fidelity" transcripts is harder than previously assumed. Even in highly favorable situations, such as capturing unencrypted traffic using standard protocols, simple -- and entirely unilateral -- countermeasures are shown to be sufficiento t prevent accurate traffic analysis in many Internet interception configurations. In particular, these countermeasures were successful against every available eavesdropping system we tested. Central to our approach is a new class of techniques that we call confusion, which, unlike cryptography or steganography, does not require cooperation by the communicating parties and, in some case, can be employed entirely by a third party not involved in the communication at all.
    [Show full text]
  • Towards Intelligent Intrusion Detection Systems for Cloud Computing By
    Towards Intelligent Intrusion Detection Systems for Cloud Computing by Mohammed J Aljebreen A dissertation submitted to Florida Institute of Technology in partial fulfillment of the requirements for the degree of Doctorate of Philosophy in Computer Science Melbourne, Florida June, 2018 ⃝c Copyright 2018 Mohammed J Aljebreen All Rights Reserved The author grants permission to make single copies. We the undersigned committee hereby approve the attached dissertation Towards Intelligent Intrusion Detection Systems for Cloud Computing by Mohammed J Aljebreen William Allen, Ph.D. Associate Professor, and Program Chair for Cybersecurity and Data Science Computer Science Department Committee Chair Susan Earles, Ph.D. Associate Professor Electrical and Computer Engineering Department Outside Committee Member Philip Bernhard, Ph.D. Associate Professor Computer Science Department Committee Member Marius Silaghi, Ph.D. Associate Professor Computer Science Department Committee Member Philip Bernhard, Ph.D. Associate Professor and Department Head Director of School of Computing ABSTRACT Title: Towards Intelligent Intrusion Detection Systems for Cloud Computing Author: Mohammed J Aljebreen Major Advisor: William Allen, Ph.D. Statistics presented in the background chapter show the tremendous num- ber of security breaches that occurred in recent years. Furthermore, securing the new advanced technologies has become more challenging. Cloud computing and containers are among those emerging technologies that have introduced security challenges, and it is necessary that they be addressed. One of the main features of both cloud and container technologies is the sharing of resources of both hardware and software. The challenge becomes more complex when running containers in a cloud environment. Thus, advancing the security of container in the cloud envi- ronment is necessary, especially becasause of the lack of research in this area.
    [Show full text]