• Proceedings of the Korea Information Processing Society Conference
• /
• 2021.11a
• /
• pp.122-124
• /
• 2021

최근 4차 산업혁명의 기술이 발전하며 인공지능과 클라우드 컴퓨팅의 융합에 대한 연구가 활발하게 진행되고 있으며 클라우드 컴퓨팅에 컨테이너 기술을 접목한 새로운 컴퓨팅 환경이 주목받고 있다. 그러나 현재 사용되고 있는 컨테이너 기반의 가상화 기술은 컨테이너 실행에 필요한 파일과 설정 값을 포함하고 있는 컨테이너 이미지를 통해 배포하는 방식을 사용하고 다수의 컨테이너가 하나의 커널을 공유하기 때문에 취약한 패키지를 사용하는 컨테이너 이미지가 다수의 사용자와 공유 되어 시스템 보안이 매우 취약하다 이에 본 논문에서는 자연어처리 기법을 활용한 취약점 분석 시스템을 통해 컨테이너를 실행에 필요한 파일과 설정 값을 포함하고 있는 컨테이너 이미지에서 취약점을 분석하는 시스템을 제안한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2018.10a
• /
• pp.964-967
• /
• 2018

운영 체제 수준 가상화 기술의 결과물인 컨테이너는 경량화된 가상화 환경의 특징과 도커 프로젝트를 통한 손쉬운 패키지 관리와 배포를 특징으로 급격히 성장하였다. 이로써 컨테이너를 기반으로 한 IoT 클라우드 구성에 관한 연구가 진행되고 있지만, 한정된 자원과 성능을 가진 IoT 장치에서는 컨테이너의 가용성을 보장하기가 어렵다. 따라서 본 논문에서는 컨테이너의 서비스가 종료되고 다시 개시되기까지의 시간이 어떤 요인에 의하여 영향을 받는지 분석한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.4
• /
• pp.637-645
• /
• 2022

Cloud computing has been gaining popularity over decades, and container, a technology that is primarily used in cloud native applications, is also drawing attention. Although container technologies are lighter and more capable than conventional VMs, there are several security threats, such as sharing kernels with host systems or uploading/downloading images from the image registry. one of which can refer to the integrity of container images. In addition, runtime security while the container application is running is very important, and monitoring the behavior of the container application at runtime can help detect abnormal behavior occurring in the container. Therefore, in this paper, first, we implement a signing checker that automatically checks the signature of an image based on the existing Docker Content Trust (DCT) technology to ensure the integrity of the container image. Next, based on falco, an open source project of Cloud Native Computing Foundation(CNCF), we introduce newly created image for the convenience of existing falco image, and propose implementation of docker-compose and package configuration that easily builds a monitoring system.

• Transactions of the Korean hydrogen and new energy society
• /
• v.35 no.3
• /
• pp.324-335
• /
• 2024

The container package type sealed water electrolysis production system installs mechanical balance of plant and electrical balance of plant as an integrated unit to enable independent operation within the package module. The auxiliary equipment required to operate the water electrolysis system must be integrated to reduce the installation area and shorten the installation time. At this time, as leak risk factors are placed in a dense space, when a hydrogen gas leak accident occurs, it can have a mutual influence on other adjacent facilities, so it contains various risk factors. In this study, when a gas leak occurs in a container packaged water electrolysis system, possible sources of leakage in the system according to the KS C IEC 60079-10-1:2015 and KGS GC101 standards were identified, and the leak rate and leak characteristics were calculated. did. The hazardous area and its range were calculated according to ventilation and dilution characteristics. In order to optimize ventilation characteristics, design of experiment was used to analyze the influence to evaluate the adequacy of ventilation, and overseas ventilation standards were analyzed and compared. In addition, the optimal ventilation structure and characteristics of the container packaged water electrolysis system were presented according to the results of the experimental design method.