Security Properties of Containers Managed by Docker


Archived Published: 07 January 2015 ID: G00270652

Analyst(s):

Not a Gartner Client?

Want more research like this?
Learn the benefits of becoming a Gartner client.

contact us online

Summary

Security properties of containers are a largely unexplored field. In this comparison, security and risk management professionals can familiarize themselves with the security properties of containers by contrasting them to the controls of the Linux operating system and hypervisors.

Table of Contents

  • Comparison
  • Analysis
    • Resource Isolation
      • Application and Process Isolation
      • Isolation of Tenants
      • Virtualization Primitives
      • Device Isolation
      • Kernel Instances and Number of Attack Surfaces
      • Network Isolation
    • Secure Administration and Management
      • Granular Administration
      • Administrative User Access
      • Secure Management Protocols
      • Detailed Statistics and Metering
    • Support for Common Security Controls
      • Data-at-Rest or File Encryption
      • Endpoint Protection
      • Workload Mobility
      • Backup and Restore
    • Secure Operations Management and Configuration Governance
      • Accepted Controls and Best Practices for Regulatory Compliance
      • Auditing and Logging
      • Configuration Management
  • Guidance
    • Controls Natively Supported by Docker
    • Security Contexts and Mandatory Access Controls
    • Endpoint Protection
    • Use Cases
      • Docker for Convenient Solo Application Deployment
      • Docker for Creating a Private PaaS Across One Trust Level
      • Docker for Creating a Private PaaS or a Public PaaS Across Multiple Trust Levels
  • Gartner Recommended Reading
© 2015 Gartner, Inc. and/or its Affiliates. All Rights Reserved. Reproduction and distribution of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartners research may discuss legal issues related to the information technology business, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice.

Free Research

Discover what 12,000 CIOs and Senior IT leaders already know.

Free Access

Why Gartner

Gartner delivers the technology-related insight you need to make the right decisions, every day.

Find out more