Secure code execution on cloud-based infrastructure with application containers
Tan, Yeong How
Date of Issue2017-11-23
School of Computer Science and Engineering
This project aims to enforce the security of a host system which executes the untrusted code submitted by users online. There are three approaches being implemented, AppArmor, Docker and SELinux. Both AppArmor and SELinux are Linux kernel security modules. The former restricts programs’ capabilities and the latter enforces mandatory access control policy. Docker isolates applications from each other by its container technology, which is a virtual machine in a much smaller scale and lesser resource needed as compared to the traditional ones. In this project, performance and security tests are conducted on these approaches to measure their performance and effectiveness.
Final Year Project (FYP)
Nanyang Technological University