NISTIR 8176: Linux app container security

Application Containers are slowly finding adoption in enterprise IT infrastructures. Security guidelines and countermeasures have been proposed to address security concerns associated with the deployment of application container platforms. To assess the effectiveness of the security solutions implemented based on these recommendations, it is necessary to analyze those solutions and outline the security assurance requirements they must satisfy to meet their intended objectives. This is the contribution of this document. The focus is on application containers on a Linux platform.

Keywords: application container; capabilities; Cgroups; container image; container registry; kernel loadable module; Linux kernel; namespace; TPM

 

https://csrc.nist.gov/publications/detail/nistir/8176/final

https://csrc.nist.gov/News/2017/NIST-Releases-NISTIR-8176

http://doi.org/10.6028/NIST.IR.8176

 
