Docker-based RBAC Task Management System

doi:10.3969/j.issn.1671-1122.2020.01.011

Abstract

Abstract:

With the rapid development of the Internet , the quantity of web services has proliferated, which makes the deployment of operating systems and application services more and more challenging. The development of cloud computing and virtualization has led to improvements in these issues. Although virtual machine technology has good isolation, it usually faces problems such as large virtualization overhead, poor scalability and long deployment time. The container technology represented by Docker has improved these problems very well, which allows us to quickly build, deploy, operate and extend services. On the other hand, Rights management is an important part of almost all application systems. Its main purpose is to control and manage the rights of the system. Control of system permissions is very important and necessary. Otherwise, system information leakage, system vulnerabilities and unpredictable losses to users will be caused. We should try to avoid risk problems caused by lack of permission control or improper operation. To solve this problem, this paper proposes a method of applying the role-based rights management model to the system to flexibly manage the rights, and deploys the system on the cloud platform using PaaS idea, enabling development. The personnel can develop, deploy and operate the system efficiently and flexibly on the cloud platform, which greatly improves resource utilization and time efficiency.

Key words: authority control, Docker, cloud computing, RBAC, virtualization

CLC Number:

TP309

BAI Jiameng, KOU Yingshuai, LIU Zeyi, ZHA Daren. Docker-based RBAC Task Management System[J]. Netinfo Security, 2020, 20(1): 75-82.

Figures/Tables 8

References 15

[1]	ANDERSON Charles.Docker Software Engineering[J]. IEEE Software, 2015, 32(3): 102-103.
[2]	JAGAR R, VERBRUGGEN H B, BRUIJIN P M.Fuzzy Inference in Rule-Based Real-Time Control[J]. Annual Review in Automatic Programming, 1992, 17(1): 183-188.
[3]	TAKABI H, JOSHI J B, AHN G J.Security and Privacy Challenges in Cloud Computing Environments[J]. IEEE Security & Privacy, 2010, 8(6): 24-31.
[4]	OMICINI A, RICCI A, VIRILI M.RBAC for Organisation and Security in an Agent Coordination Infrastructure[J]. Electronic Notes in Theoretical Computer Science, 2005, 128(5): 65-85.
[5]	RICHARD S, BALAZS P, XI V W.Using Docker for Factory System Software Management: Experience Report[J]. Procedia CIRP, 2018, 72(1): 659-664.
[6]	ARANGUREN M E, MARK W D.Enhanced Reproducibility of SADI Web Service Workflows with Galaxy and Docker[J]. GigaScience, 2015, 4(1): 59.
[7]	GEMOH M T, PARK S, KIM J, et al.An Efficient Multi-Task PaaS Cloud Infrastructure Based on Docker and AWS ECS for Application Deployment[J]. Cluster Computing, 2016, 19(3): 1-13.
[8]	BERTINO E, BETTINI C, FERRALI E, et al.An Access Control Model Supporting Periodicity Constraints and Temporal Reasoning[J]. ACM Transactions on Database Systems, 2000, 23(3): 231-285.
[9]	SOLMS B V.Managing Secure Computer Systems and Networks[J]. International Journal of Bio Medical Computing, 1996, 43(1): 47.
[10]	SOBHY M I, SHEHATA A E D. Secure Computer Communication Using Chaotic Algorithms[J]. International Journal of Bifurcation and Chaos, 2000, 10(12): 2831-2839.
[11]	MCDANIEL P, MCLAUGHLIN S.Security and Privacy Challenges in the Smart Grid[J]. IEEE Security & Privacy, 2009, 7(3): 75-82.
[12]	VOLKER R, MEHRDAD J S.Access Control and Key Management for Mobile Agents[J]. Computers & Graphics, 1998, 22(4): 457-461.
[13]	PUCHERAL P.Client-Based Access Control Management for XML Documents[J]. 2006, 30(8): 84-95.
[14]	WIJESEKERA D, JAJODIA S.A Propositional Policy Algebra for Access Control[J]. ACM Transactions on Information and System Security, 2003, 6(2): 286-325.
[15]	DAVID F F, VIJAYALAKSHMI A, SERBAN I G.The Policy Machine: A Novel Architecture and Framework for Access Control Policy Specification and Enforcement[J]. Journal of Systems Architecture, 2011, 57(4): 412-424.

		客体安全等级
		T	S	C	U
主体安全等级	T	R/W	R	R	R
	S	W	R/W	R	R
	C	W	W	R/W	R
	U	W	W	W	R/W

		客体安全等级
		C	I	U
主体安全等级	C	R/W	W	W
	I	R	R/W	W
	U	R	R	R/W