Abstract

Kubernetes is a powerful platform for automating the deployment, scaling and management of integrated applications. But with growing usage comes increased security concerns, especially in multitenant environments. This study examines two key aspects of Kubernetes security: workload stabilization and role-based access control (RBAC) optimization. We focus on the vulnerabilities of Kubernetes workloads and put security measures in place to protect embedded applications. In addition, we will examine the implementation of RBAC in Kubernetes resource access control and show possible misconfigurations and their risks. Our findings show that a combination of strict security policies and proper RBAC configuration can mitigate many common security threats in Kubernetes clusters.

References

• Sudheer Amgothu. An end-to-end ci/cd pipeline solution using jenkins and kubernetes. International Journal of Science and Research (IJSR), 13(8):1576–1578, 2024.
• Sudheer Amgothu. Innovative ci/cd pipeline optimization through canary and blue-green deployment. International Journal of Computer Applications, 186(50):1–5, Nov 2024.
• Brendan Burns, Eddie Villalba, Dave Strebel, and Lachlan Evenson. Kubernetes Best Practices. ” O’Reilly Media, Inc.”, 2023.
• Brendan Creane and Amit Gupta. Kubernetes Security and Observability. ” O’Reilly Media, Inc.”, 2021.
• Chris Felix, Hitesh Garg, and Serjik Dikaleh. Kubernetes security and access management: a workshop exploring security & access features in kubernetes. In Proceedings of the 29th Annual International Conference on Computer Science and Software Engineering, pages 395–396, 2019.
• Kazenas German and Olga Ponomareva. An overview of container security in a kubernetes cluster. In 2023 IEEE Ural- Siberian Conference on Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT), pages 283– 285, 2023.
• Sandeep Kampa. Navigating the landscape of kubernetes security threats and challenges. Journal of Knowledge Learning and Science Technology ISSN: 2959-6386 (online), 3(4):274– 281, 2024.
• Francesco Minna, Agathe Blaise, Filippo Rebecchi, Balakrishnan Chandrasekaran, and Fabio Massacci. Understanding the security implications of kubernetes networking. IEEE Security & Privacy, 19(5):46–56, 2021.
• Anirudh Mustyala and Sumanth Tatineni. Advanced security mechanisms in kubernetes: Isolation and access control strategies. ESP Journal of Engineering & Technology Advancements (ESP JETA), 1(2):57–68, 2021.
• Garsha Rostami. Role-based access control (rbac) authorization in kubernetes. Journal of ICT Standardization, 11(3):237–260, 2023.
• Garsha Rostami. Role-based access control (rbac) authorization in kubernetes. Journal of ICT Standardization, 11(3):237–260, 2023.
• Md Shazibul Islam Shamim, Farzana Ahamed Bhuiyan, and Akond Rahman. Xi commandments of kubernetes security: A systematization of knowledge related to kubernetes security practices. 2020 IEEE Secure Development (SecDev), pages 58–64, 2020.
• Giridhar Kankanala Sudheer Amgothu. Sre and devops: Monitoring and incident response in multi-cloud environments. International Journal of Science and Research (IJSR), 12(9):2214–2218, 2023.