Abstract
It is essential to ensure the data security of data analytical frameworks as any security vulnerability existing in the system can lead to a data loss or data breach. This vulnerability may occur due to attacks from live attackers as well as automated bots. However inside attacks are also becoming more frequent because of incorrectly implemented security requirements and access control policies. Thus, it is important to understand security goals and formulate security requirements and access control policies accordingly. Therefore, it is equally important to identify the existing security vulnerabilities of a given software system. To find the available vulnerabilities against any system, it is mandatory to conduct vulnerability assessments as scheduled tasks in a regular manner. Thus, an easily deployable, easily maintainable, accurate vulnerability assessment testbed or a model is helpful as facilitated by Linux containers. Nowadays Linux containers (LXCs) which have operating system level virtualization, are very popular over virtual machines (VMs) which have hypervisor or kernel level virtualization in high performance computing (HPC) due to reasons, such as high portability, high performance, efficiency and high security (Chae et al in Clust Comput 22:1765-1775, 2019. https://doi.org/10.1007/s10586-017-1511-2 ). Hence, LXCs can make an efficient and scalable vulnerability assessment testbed or a model by using already developed analyzing tools such as OpenVas, Dagda, PortSpider, MongoAudit, NMap, Metasploit Framework, Nessus, OWASP Zed Attack Proxy, and OpenSCAP, to assure the required security level of a given system very easily. To verify the overall security of any given software system, this paper first introduces a virtual, portable and easily deployable vulnerability assessment general testbed within the Linux container network. Next, the paper presents, how to conduct experiments using this testbed on a MongoDB database implemented in Singularity Linux containers to find the available vulnerabilities in 1. MongoDB application itself, 2. Images accompanied by containers, 3. Host, and 4. Network by integrating seven tools: OpenVas, Dagda, PortSpider, MongoAudit, NMap, Metasploit Framework, and Nessus to the container-based testbed. Finally, it discusses how to use generated results to improve the security level of the given system.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.