NCI WEBSITE
NORMA eResearch @NCI Library

Kubernetes Security Best Practices

Tools

Rout, Ritesh Kumar (2024) Kubernetes Security Best Practices. Masters thesis, Dublin, National College of Ireland.

[thumbnail of Master of Science]
Preview
 PDF (Master of Science)
Download (2MB) | Preview
[thumbnail of Configuration Manual]
Preview
 PDF (Configuration Manual)
Download (1MB) | Preview

Abstract

The security and adaptation that comes along with Kubernetes, the systems used to build containerized apps and microservices, is what this research examines. However, as more and more industries adopt Kubernetes, it also comes with additional complexities and opens up whole new areas of risk to security, from the vulnerabilities in container images to misconfigured policies. Adding to the complexity is the fact that many organizations use Kubernetes in conjunction with popular cloud platforms like AWS, which requires them to effectively address two types of security challenges the cloud-native and the Kuber-native. Related works identify important threats, show how microservices increase complexity, and propose new tools or techniques to improve Kubernetes security. The objective of this work is to evaluate the security of Kubernetes systems as well as existing and future security approaches. Thematic analysis revealed the key security issues such who are deploying these systems, what are the top insecure practices such as RBAC misconfigurations, container image vulnerabilities, network security, complexity of microservices, continuous monitoring, and zero-trust-based policy frameworks. The research indicated considerable shortcomings in existing security approaches, although work is being done to remedy issues surrounding vulnerabilities created by misconfigurations and imperfect network policies. Besides theoretical aspects, practical implementation was done on the live environment of Kubernetes with the actual approach and practices for implementing security on deploy. Important implementation steps were addressed, like configuring RBAC, securing container images, applying network policies, and configuring monitoring with Prometheus. The work provides insights into Kubernetes security, which is valuable for organizations looking to enhance the security of their environments. Organizations can be better equipped with a more secure, scalable and resilient containerized infrastructure by remediating the identified weaknesses and implementing strong security measures.

Item Type: Thesis (Masters)
Supervisors:
Name
Email
Emani, Sai
UNSPECIFIED
Uncontrolled Keywords: Kubernetes; container security; microservices; RBAC; network policies; AWS (Amazon Web Services); zero-trust security; Prometheus; security vulnerabilities; policy configuration; cloud security; security strategies
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Cloud computing
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cloud Computing
Depositing User: Ciara O'Brien
Date Deposited: 16 Jul 2025 11:27
Last Modified: 16 Jul 2025 11:27
URI: https://norma.ncirl.ie/id/eprint/8147

Actions (login required)

View Item View Item