Leveraging Virtualization

Understanding the Role of Virtualization in Security

Gregory M. Kapfhammer

December 2, 2024

What role should virtualization play in secure software?

  • Offer an abstraction for system resources
  • Securely emulate a privileged environment
  • Yet, it introduces new security risks!
    • Do I trust the virtualization software?
    • Do I trust the Docker container?

What is a virtual machine?

  • A software-based emulation of a computer
  • Runs an operating system and applications
  • Isolation from the host operating system
  • Run untrusted code in a safe environment
  • In-Class Discussion
    • Where are virtual machines commonly used in industry?
    • What are the security benefits of using a virtual machine?
    • What are the downsides of using a virtual machine?
    • How do you design and implement a secure virtual machine?

Trade-offs between virtual machines and software containers?

  • Virtual machines are often resource intensive
  • Containers share the host operating system
  • Containers are often lightweight and fast
  • What are the security downsides of containers?

Insecure Software Containers

Software Container Security Concerns

  • Shared Kernel Vulnerabilities: Containers share the host operating system’s kernel, increasing the risk if the kernel is compromised

  • Isolation Issues: Containers provide less isolation compared to virtual machines, potentially allowing for a variety of container breakout attacks

  • Image Vulnerabilities: Container images downloaded from “hubs” may contain vulnerabilities if not regularly updated and scanned

  • Privilege Escalation: Misconfigured software containers may run with some elevated privileges, increasing security risks for all software they run

  • How can one container influence the behavior of another?
  • Do the benefits of containers outweigh the security risks?

Docker Security Concerns

docker run -d \
  --name mysecurecontainer \
  --network mynetwork \
  --restart unless-stopped \
  -v /host/data:/container/data:ro \
  -p 8080:80 \
  --cap-drop ALL \
  --read-only \
  --user 1000:1000 \
  nginx:latest

  • Downloads the nginx image from Docker Hub
  • Restarts the container unless explicitly stopped
  • Maps host’s /host/data to container’s /container/data
  • Uses the --cap-drop flag to drop all capabilities
  • See the Docker Security Cheat Sheet for more details!

Limiting Docker Resources

docker run -d \
  --name limitedcontainer \
  --memory="512m" \
  --cpus="1.5" \
  --ulimit nofile=1024:2048 \
  --ulimit nproc=100 \
  nginx:latest

  • Downloads the nginx image from Docker Hub
  • Uses the --memory flag to limit memory usage
  • Uses --cpus to limit the number of CPUs
  • The host operating system affects how these limits are enforced
  • Overall, limited resources can enhance security!
  • However, is this enough to prevent most attacks?

Docker containers are complex software applications with behaviors that vary by operating system!
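The two `docker run` invocations on the preceding slides each cover only half of the picture: the first drops capabilities, uses a read-only root filesystem and a non-root user but sets no resource limits, while the second sets memory, CPU and ulimit bounds but runs as root with full capabilities. The following script is an added example, not part of the slides or of Docker's own tooling: a small linter that parses a `docker run` command line and reports which of the hardening and resource-limit flags discussed on the slides are missing. The flag names are real Docker CLI options; the first two sample command lines are copied from the slides, and the third (`HARDENED_CMD`, with a constructed pinned tag `nginx:1.27.0`) is a combination of both written for this example.

```python
"""Linter for `docker run` command lines (added example, not from the slides).

It checks for the least-privilege flags from the "Docker Security Concerns"
slide (--cap-drop ALL, --read-only, --user, :ro bind mounts, pinned image tag)
and the resource limits from the "Limiting Docker Resources" slide
(--memory, --cpus, --ulimit nproc / --pids-limit).
"""
import shlex

# Docker CLI flags that consume the next token as their value. Any other
# dash-prefixed token (such as -d or --read-only) is treated as a boolean flag.
VALUE_FLAGS = {
    "--name", "--network", "--restart", "-v", "--volume", "-p", "--publish",
    "--cap-drop", "--cap-add", "--user", "-u", "--memory", "-m", "--cpus",
    "--ulimit", "--pids-limit", "--security-opt",
}

# Sample command lines: the first two are the ones shown on the slides, the
# third is a constructed combination of both with a pinned image tag.
SECURE_CMD = """docker run -d \\
  --name mysecurecontainer \\
  --network mynetwork \\
  --restart unless-stopped \\
  -v /host/data:/container/data:ro \\
  -p 8080:80 \\
  --cap-drop ALL \\
  --read-only \\
  --user 1000:1000 \\
  nginx:latest"""

LIMITED_CMD = """docker run -d \\
  --name limitedcontainer \\
  --memory="512m" \\
  --cpus="1.5" \\
  --ulimit nofile=1024:2048 \\
  --ulimit nproc=100 \\
  nginx:latest"""

HARDENED_CMD = """docker run -d --name hardened --restart unless-stopped \\
  -v /host/data:/container/data:ro -p 8080:80 \\
  --cap-drop ALL --read-only --user 1000:1000 \\
  --memory=512m --cpus=1.5 --ulimit nofile=1024:2048 --pids-limit 100 \\
  nginx:1.27.0"""


def parse_docker_run(cmd):
    """Return (options, image) for a `docker run ...` line.

    options maps each flag to the list of values it was given (True for
    boolean flags); image is the first non-flag token, after which the rest
    of the line is the container's command and is ignored.
    """
    # Join shell line continuations before tokenising, so that "\\\n" does
    # not surface as a stray newline token.
    tokens = shlex.split(cmd.replace("\\\n", " "))
    if tokens[:2] != ["docker", "run"]:
        raise ValueError("expected a `docker run` command line")
    opts, image, i = {}, None, 2
    while i < len(tokens):
        tok = tokens[i]
        if not tok.startswith("-"):
            image = tok
            break
        if tok.startswith("--") and "=" in tok:          # --memory=512m
            flag, val = tok.split("=", 1)
            opts.setdefault(flag, []).append(val)
        elif tok in VALUE_FLAGS:                          # --cpus 1.5
            opts.setdefault(tok, []).append(tokens[i + 1])
            i += 1
        else:                                             # -d, --read-only
            opts.setdefault(tok, []).append(True)
        i += 1
    return opts, image


def audit(cmd):
    """Return a list of human-readable findings; an empty list means all checks passed."""
    opts, image = parse_docker_run(cmd)
    findings = []
    if image is None or ":" not in image or image.endswith(":latest"):
        findings.append("image tag is missing or ':latest'; pin a specific tag or digest")
    if "ALL" not in opts.get("--cap-drop", []):
        findings.append("capabilities not dropped (--cap-drop ALL)")
    if "--read-only" not in opts:
        findings.append("root filesystem is writable (--read-only)")
    user = (opts.get("--user") or opts.get("-u") or [None])[0]
    if user is None or user.split(":")[0] in ("0", "root"):
        findings.append("container runs as root (--user uid:gid)")
    for mount in opts.get("-v", []) + opts.get("--volume", []):
        parts = mount.split(":")
        if len(parts) < 3 or "ro" not in parts[2].split(","):
            findings.append(f"bind mount {parts[0]} is writable (append :ro)")
    if "--memory" not in opts and "-m" not in opts:
        findings.append("no memory limit (--memory)")
    if "--cpus" not in opts:
        findings.append("no CPU limit (--cpus)")
    has_nproc = any(v.startswith("nproc=") for v in opts.get("--ulimit", []))
    if not has_nproc and "--pids-limit" not in opts:
        findings.append("no process limit (--ulimit nproc=N or --pids-limit)")
    return findings


if __name__ == "__main__":
    for label, cmd in (("secure", SECURE_CMD), ("limited", LIMITED_CMD), ("hardened", HARDENED_CMD)):
        print(f"{label}: {audit(cmd) or ['no findings']}")
```

Running the script shows that each slide's command produces four findings (the first lacks every resource limit, the second lacks every least-privilege setting, and both use the `:latest` tag), while the combined command passes all checks. The linter only inspects the command line; whether a limit such as `--ulimit nproc` actually takes effect still depends on the host kernel and Docker version, which is the point of the slide's remark about operating-system differences.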

Container Orchestration

  • Deployment, scaling, and management of containers
  • Examples: Kubernetes or Docker Swarm
  • Features of container orchestration:
    • Service Discovery: Automatically find containers
    • Load Balancing: Distribute traffic across containers
    • Health Checks: Monitor container health
    • Rolling Updates: Update containers without downtime

Security implications of Kubernetes clusters?

  • Complexity: More moving parts, more vulnerabilities
  • Attack Surface: More services, more potential entry points
  • Misconfiguration: Picking the best settings can be tricky
  • Shared Responsibility: Must also consider cloud providers!

Overview of Cloud Computing

  • Public Cloud: Shared resources from a major data center
  • Private Cloud: Dedicated resources for a single organization
  • Hybrid Cloud: Combination of public and private cloud
  • Multi-Cloud: Use of multiple public cloud providers
  • In-Class Discussion: What are the trade-offs for each cloud option?
    • Performance
    • Reliability
    • Security

“Four Cs” of Cloud Native Security

  • Decide whether or not to use virtual machines or containers
  • Determine whether or not cloud deployment is necessary
  • Answer these questions for cloud native security:
    • Code: How secure is the code of the application?
    • Container: How secure is the software container?
    • Cluster: How secure is the Kubernetes cluster?
    • Cloud: How secure is the cloud provider?

Wrap-up on System Virtualization

Key Concepts

Virtualization Security

  • Shared kernel vulnerabilities
  • Isolation issues in containers
  • Risks of untrusted containers

Resource Management

  • Limit memory and CPU use
  • Control files and processes
  • System stability and security

Best Practices

Implementation

  • Use trusted/updated images
  • Principle of least privilege
  • Scan and update containers

Exploration

  • Try Docker resource limits
  • Container orchestration tools
  • Find secure configurations