Securing Kubernetes in public cloud environments

With the rise of cloud providers, it is now easier than ever to create a startup and pay for infrastructure “as you go” instead of having to invest in physical servers and storage. At the same time, Kubernetes provides a scalable platform that meshes perfectly with the elasticity of the cloud enviro...

Descripción completa

Detalles Bibliográficos
Autor: Martínez Bevià, Víctor
Tipo de recurso: tesis de maestría
Fecha de publicación:2023
País:España
Institución:Universitat Oberta de Catalunya (UOC)
Repositorio:O2, repositorio institucional de la UOC
OAI Identifier:oai:openaccess.uoc.edu:10609/148751
Acceso en línea:http://hdl.handle.net/10609/148751
Access Level:acceso abierto
Palabra clave:cybersecurity
Kubernetes
threat model
ciberseguretat
model d'amenaces
ciberseguridad
modelo de amenazas
Computer security -- TFM
Seguretat informàtica -- TFM
Descripción
Sumario:With the rise of cloud providers, it is now easier than ever to create a startup and pay for infrastructure “as you go” instead of having to invest in physical servers and storage. At the same time, Kubernetes provides a scalable platform that meshes perfectly with the elasticity of the cloud environment. The low entry fee coupled with the conveniences of the providers shouldering infrastructure costs due to the shared responsibility model makes companies jump at the opportunity and run their code with a sometimes questionable security posture. In this work, we take a look at the current landscape of cybersecurity threats for Kubernetes clusters in a cloud environment, reviewing existing recommen-dations, best practices, and threat models in order to provide a structured guide on how to improve the security of the infrastructure against known attack vectors. Finally, we offer actionable implementations of each of the chosen security mitigations.