{"title":"Enhancing IoT device security in Kubernetes: An approach adopted for network policies and the SARIK framework","authors":"","doi":"10.1016/j.future.2024.107485","DOIUrl":null,"url":null,"abstract":"<div><p>The Internet of Things (IoT) has ushered in an era of connected devices that, while facilitating real-time data collection and sharing, also exposes these devices to significant security risks. This study addresses the challenges of security risks and vulnerabilities by employing the Network Policy in Kubernetes and focusing on the SARIK framework. SARIK is designed to automate the creation and implementation of network policies, with the aim of enhancing the efficiency and strengthening the protection of IoT devices. Experiments conducted in a controlled environment with Minikube in Kubernetes showed that the implementation of SARIK notably improved the security of IoT devices. Key observations included a noticeable reduction in vulnerability to cyberattacks and a significant increase in the overall resilience of the system. In particular, the study revealed improvements in the performance metrics analyzed, which is evidence of SARIK’s effectiveness in real-world scenarios. Compared with existing frameworks - e.g., those of Sysdig -, SARIK is notable for its integration with Kubernetes network policies and its emphasis on automated security management. Although automation is a key factor in related works, SARIK’s unique approach to leveraging the inherent capabilities of Kubernetes offers a distinct advantage in ensuring the security of IoT environments. This aspect, along with its performance benefits, underlines the value of SARIK’s contribution to IoT security. The application of SARIK in protecting IoT devices in Kubernetes environments meets the need for automated and cohesive strategies to tackle current security threats. This study not only highlights the efficiency of SARIK but also emphasizes the need for evolving security strategies, that can be adapted to dynamic threat modeling in complex and interconnected IT environments.</p></div>","PeriodicalId":55132,"journal":{"name":"Future Generation Computer Systems-The International Journal of Escience","volume":null,"pages":null},"PeriodicalIF":6.2000,"publicationDate":"2024-08-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Future Generation Computer Systems-The International Journal of Escience","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167739X24004412","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}
引用次数: 0
Abstract
The Internet of Things (IoT) has ushered in an era of connected devices that, while facilitating real-time data collection and sharing, also exposes these devices to significant security risks. This study addresses the challenges of security risks and vulnerabilities by employing the Network Policy in Kubernetes and focusing on the SARIK framework. SARIK is designed to automate the creation and implementation of network policies, with the aim of enhancing the efficiency and strengthening the protection of IoT devices. Experiments conducted in a controlled environment with Minikube in Kubernetes showed that the implementation of SARIK notably improved the security of IoT devices. Key observations included a noticeable reduction in vulnerability to cyberattacks and a significant increase in the overall resilience of the system. In particular, the study revealed improvements in the performance metrics analyzed, which is evidence of SARIK’s effectiveness in real-world scenarios. Compared with existing frameworks - e.g., those of Sysdig -, SARIK is notable for its integration with Kubernetes network policies and its emphasis on automated security management. Although automation is a key factor in related works, SARIK’s unique approach to leveraging the inherent capabilities of Kubernetes offers a distinct advantage in ensuring the security of IoT environments. This aspect, along with its performance benefits, underlines the value of SARIK’s contribution to IoT security. The application of SARIK in protecting IoT devices in Kubernetes environments meets the need for automated and cohesive strategies to tackle current security threats. This study not only highlights the efficiency of SARIK but also emphasizes the need for evolving security strategies, that can be adapted to dynamic threat modeling in complex and interconnected IT environments.
期刊介绍:
Computing infrastructures and systems are constantly evolving, resulting in increasingly complex and collaborative scientific applications. To cope with these advancements, there is a growing need for collaborative tools that can effectively map, control, and execute these applications.
Furthermore, with the explosion of Big Data, there is a requirement for innovative methods and infrastructures to collect, analyze, and derive meaningful insights from the vast amount of data generated. This necessitates the integration of computational and storage capabilities, databases, sensors, and human collaboration.
Future Generation Computer Systems aims to pioneer advancements in distributed systems, collaborative environments, high-performance computing, and Big Data analytics. It strives to stay at the forefront of developments in grids, clouds, and the Internet of Things (IoT) to effectively address the challenges posed by these wide-area, fully distributed sensing and computing systems.