|
Work item:
|
X.sfrms
|
|
Subject/title:
|
Security framework and requirements of microservice for cloud computing using container technology
|
|
Status:
|
Under study
|
|
Approval process:
|
TAP
|
|
Type of work item:
|
Recommendation
|
|
Version:
|
New
|
|
Equivalent number:
|
-
|
|
Timing:
|
2025-09 (Medium priority)
|
|
Liaison:
|
ITU-T SG13
|
|
Supporting members:
|
China, ZTE Corporation, China Unicom
|
|
Summary:
|
Cloud computing technologies have made important impacts on IT system development, and has many advantages, such as improving resource utilization rate of both hardware and software efficiently, strengthening data interaction abilities and providing more application services, and etc.
Container is one of typical virtualization technologies used in cloud computing. Be different from virtual-machine cloud computing, it is based on OS shared mode and doesn't need to simulate the complete hardware of the physical machine, run the complete operating system, and thus gains high system utilization rates, low resource load, fast start-up speed and portable data exchanges. Meanwhile, OS shared mode also brings much more complicated security problems and leads to serious consequences only by little security vulnerabilities. Because container technology has special security challenges and threats, it needs to make security extension for both technology and application services to defense potential security risks. And for container technology, the microservice technology is often referred as the common technology used for its application service development.
Although ITU-T X.1643 has presents the security threats and challenges for virtualization containers in cloud computing environments, its scope focuses on virtualization container technology itself, that is execution environment, container runtime, image, registration, orchestration management, virtual network.
This new work item focuses on security of microservice for cloud computing using container technology, including security risks analysis of microservice, and presents microservice security framework and functional security requirements.
|
|
Comment:
|
-
|
|
Reference(s):
|
|
|
Historic references:
|
|
Contact(s):
|
|
| ITU-T A.5 justification(s): |
|
|
|
|
First registration in the WP:
2023-03-06 14:14:25
|
|
Last update:
2024-03-12 14:20:22
|
|
