nanopenguin/bachelor-thesis
Archived
1
0
Fork 0
Code Actions
This repository has been archived on 2025-09-29. You can view files and clone it, but cannot push or open issues or pull requests.
bachelor-thesis/tex/Literatur.bib

437 lines
15 KiB
BibTeX
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

@misc{finley_2014_amazon,
author = {Finley, Klint},
month = {11},
title = {Amazon Embraces Docker, Following Google and Microsoft's Lead},
url = {https://www.wired.com/2014/11/following-google-microsoft-amazon-embraces-next-big-thing-cloud-computing/},
urldate = {2025-04-11},
year = {2014},
organization = {WIRED}
}
@misc{tozzi_2018_5,
author = {Tozzi, Christopher},
month = {05},
title = {5 Companies Driving Innovation in the Containers Market},
url = {https://cloudnativenow.com/topics/cloudnativedevelopment/5-companies-driving-innovation-in-the-container-market/},
urldate = {2025-04-11},
year = {2018},
organization = {Cloud Native Now}
}
@misc{kubernetes_2023_overview,
author = {Kubernetes},
month = {09},
title = {Overview},
url = {https://kubernetes.io/docs/concepts/overview/},
urldate = {2025-04-11},
year = {2023},
organization = {Kubernetes}
}
@misc{pardo_2023_but,
author = {Pardo, J A},
month = {12},
title = {But… it works on my machine…},
url = {https://medium.com/%40josetecangas/but-it-works-on-my-machine-cc8cca80660c},
urldate = {2025-04-11},
year = {2023},
organization = {Medium}
}
@inbook{wang_2025_common,
author = {Wang, Ying and Cheung, ShingChi and Yu, Hai and Zhu, Zhiliang},
pages = {35-52},
publisher = {Springer Nature Singapore},
title = {Common Types of Dependency Issues},
doi = {10.1007/9789819617975_3},
url = {https://doi.org/10.1007/9789819617975_3},
year = {2025},
organization = {Managing Software Supply Chains: Theory and Practice},
series = {Managing Software Supply Chains: Theory and Practice}
}
@misc{a2024_whats,
editor = {Turner, Adam and Wouters, Thomas},
title = {Whats New In Python 3.13},
url = {https://docs.python.org/3.13/whatsnew/3.13.html#removed-modules-and-apis},
urldate = {2025-04-11},
year = {2024},
organization = {Python documentation}
}
@misc{a2025_leading,
month = {01},
title = {Leading containerization technologies 2024},
url = {https://www.statista.com/statistics/1256245/containerization-technologies-software-market-share/},
urldate = {2025-04-11},
year = {2025},
organization = {Statista}
}
@misc{docker_2023_what,
author = {Docker},
title = {What is a Container?},
url = {https://www.docker.com/resources/what-container/},
urldate = {2025-04-11},
year = {2023},
organization = {Docker}
}
@misc{zhao_2024_simplifying,
author = {Zhao, Tim},
month = {08},
title = {Simplifying Database Deployment with Docker Containers},
url = {https://medium.com/%40tzhaonj/simplifying-database-deployment-with-docker-containers-089da9332dd9},
urldate = {2025-04-11},
year = {2024},
organization = {Medium}
}
@proceedings{skourtis_2019_carving,
author = {Skourtis, Dimitris and Rupprecht, Lukas and Tarasov, Vasily and Megiddo, Nimrod},
month = {07},
publisher = {USENIX Association},
title = {Carving perfect layers out of docker images},
url = {https://www.usenix.org/conference/hotcloud19/presentation/skourtis},
urldate = {2025-04-11},
year = {2019}
}
@phdthesis{putta_2023_enhancing,
author = {Putta, Yellammagari Srikar},
title = {Enhancing docker container security},
url = {https://norma.ncirl.ie/7145/},
urldate = {2025-04-11},
year = {2023}
}
@article{yasrab_2018_mitigating,
author = {Yasrab, Robail},
month = {04},
publisher = {Cornell University},
title = {Mitigating Docker Security Issues},
doi = {10.48550/arxiv.1804.05039},
year = {2018},
journal = {arXiv (Cornell University)}
}
@article{bui_2015_analysis,
author = {Bui, Thanh Nhan},
month = {01},
publisher = {Cornell University},
title = {Analysis of Docker Security},
doi = {10.48550/arxiv.1501.02967},
year = {2015},
journal = {arXiv (Cornell University)}
}
@misc{a2024_networking,
title = {Networking overview},
url = {https://docs.docker.com/engine/network/},
urldate = {2025-04-11},
year = {2024},
organization = {Docker Documentation}
}
@misc{docker,
title = {Docker Security - OWASP Cheat Sheet Series},
url = {https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html},
organization = {cheatsheetseries.owasp.org}
}
@book{zhaojun_2021_cve202144228,
author = {Zhaojun, Chen},
month = {12},
title = {CVE-2021-44228},
url = {https://www.cve.org/CVERecord?id=CVE-2021-44228},
urldate = {2025-04-11},
year = {2021},
organization = {CVE}
}
@misc{kamath_2021_containerize,
author = {Kamath, Dhanush},
month = {01},
publisher = {The Startup},
title = {Containerize Your Personal Projects With Docker},
url = {https://medium.com/swlh/containerize-your-personal-projects-with-docker-fe62ca391db8},
urldate = {2025-04-11},
year = {2021},
organization = {Medium}
}
@misc{gitea,
title = {Gitea CVEs and Security Vulnerabilities - OpenCVE},
url = {https://app.opencve.io/cve/?vendor=gitea},
urldate = {2025-04-11},
organization = {Opencve.io}
}
@misc{gitlab,
title = {Gitlab CVEs and Security Vulnerabilities - OpenCVE},
url = {https://app.opencve.io/cve/?vendor=gitlab},
urldate = {2025-04-11},
organization = {Opencve.io}
}
@proceedings{gasser_2014_a,
author = {Gasser, Oliver and Holz, Ralph and Carle, Georg},
title = {A deeper understanding of SSH: Results from Internet-wide scans},
doi = {10.1109/NOMS.2014.6838249},
year = {2014}
}
@misc{danigarcia_2025,
author = {dani-garcia},
month = {02},
url = {https://github.com/dani-garcia/vaultwarden/wiki},
urldate = {2025-04-11},
year = {2025},
organization = {GitHub}
}
@misc{a2024_vagrant,
title = {Vagrant Guide — Ansible Community Documentation},
url = {https://docs.ansible.com/ansible/9/scenario_guides/guide_vagrant.html},
urldate = {2025-04-11},
year = {2024},
organization = {Ansible.com}
}
@article{wahanani_2021_implementation,
author = {Wahanani, Henni Endah and Idhom, Mohammad and Kristiawan, Kiki Yuniar},
month = {12},
pages = {34-39},
title = {Implementation Of Docker Container On Local Network By Applying Reverse Proxy},
doi = {10.33005/ijconsist.v3i1.59},
urldate = {2022-09-07},
volume = {3},
year = {2021},
journal = {IJCONSIST JOURNALS}
}
@misc{patch1,
title = {patch(1) - Linux manual page},
url = {https://man7.org/linux/man-pages/man1/patch.1.html},
urldate = {2025-04-11},
organization = {Man7.org}
}
@misc{hashicorp_vagrant,
author = {HashiCorp},
title = {vagrant up - Command-Line Interface},
url = {https://developer.hashicorp.com/vagrant/docs/cli/up},
urldate = {2025-04-11}
}
@misc{souppaya_2017_application,
author = {Souppaya, Murugiah and Morello, John and Scarfone, Karen},
month = {09},
publisher = {National Institute of Standards and Technology (NIST)},
title = {Application container security guide},
doi = {10.6028/nist.sp.800-190},
url = {https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-190.pdf},
urldate = {2025-05-02},
year = {2017}
}
@misc{avrahami_2019_breaking,
author = {Avrahami, Yuval},
month = {02},
title = {Breaking out of Docker via runC Explaining CVE-2019-5736},
url = {https://unit42.paloaltonetworks.com/breaking-docker-via-runc-explaining-cve-2019-5736/},
urldate = {2025-05-02},
year = {2019},
organization = {Unit42}
}
@online{Configure2025,
title = {Configure logging drivers},
organization = {Docker},
year = {2025},
url = {https://docs.docker.com/engine/logging/configure},
urldate = {2025-05-20},
}
@online{Networking2025,
title = {Networking with standalone containers},
organization = {Docker},
year = {2025},
url = {https://docs.docker.com/engine/network/tutorials/standalone/#use-the-default-bridge-network},
urldate = {2025-05-20},
}
@online{Filtering2025,
title = {Packet filtering and firewalls},
organization = {Docker},
year = {2025},
url = {https://docs.docker.com/engine/network/packet-filtering-firewalls/},
urldate = {2025-05-20},
}
@online{PostgreSQL,
title = {PostgreSQL: Security Information},
organization = {PostgreSQL Global Development Group},
url = {https://www.postgresql.org/support/security},
urldate = {2025-05-20},
}
@online{PostgreSQL,
title = {PostgreSQL: Security Information},
organization = {PostgreSQL Global Development Group},
url = {https://www.postgresql.org/support/security},
urldate = {2025-05-20},
}
@online{GiteaDocs,
title = {Installation with Docker},
organization = {Gitea},
url = {https://docs.gitea.com/installation/install-with-docker},
urldate = {2025-05-20},
}
@online{VaultwardenHardening,
title = {Hardening Guide},
organization = {GitHub, dani-garcia/vaultwarden},
day = {03},
month = {08},
year = {2024},
url = {https://github.com/dani-garcia/vaultwarden/wiki/Hardening-Guide},
urldate = {2025-05-20},
}
@online{GiteaHardening,
title = {Configuration Cheat Sheet - Security},
organization = {Gitea},
url = {https://docs.gitea.com/administration/config-cheat-sheet#security-security},
urldate = {2025-05-20},
}
@book{Kent2006,
title = {Guide to Computer Security Log Management},
url = {http://dx.doi.org/10.6028/NIST.SP.800-92},
DOI = {10.6028/nist.sp.800-92},
institution = {National Institute of Standards and Technology},
author = {Kent, Karen and Souppaya, Murugiah},
year = {2006}
}
@book{Scarfone2023,
title = {Cybersecurity Log Management Planning Guide},
url = {https://doi.org/10.6028/NIST.SP.800-92r1.ipd},
DOI = {10.6028/NIST.SP.800-92r1.ipd},
institution = {National Institute of Standards and Technology},
author = {Scarfone, Karen and Souppaya, Murugiah},
month = {10},
year = {2023},
note = {Public Draft of Rev. 1 of NIST SP 800-92}
}
@online{OWASP,
title = {Principles of security - OWASP Developer Guide},
organization = {OWASP},
author = {OWASP Developer Guide team},
url = {https://devguide.owasp.org/en/02-foundations/03-security-principles/#security-by-default},
urldate = {2025-05-20},
}
@online{C5,
title = {C5: Secure By Default Configurations - OWASP Top 10 Proactive Controls},
organization = {OWASP},
url = {https://top10proactive.owasp.org/the-top-10/c5-secure-by-default},
urldate = {2025-05-20},
}
@misc{CVE_2019_9193,
title = {{CVE}-2019-9193},
day = {04},
month = {01},
year = {2019},
url = {https://www.cve.org/CVERecord?id=CVE-2019-9193},
urldate = {2025-05-20},
}
@online{WhatIsFalco,
title = {What is Falco?},
organization = {Falco},
url = {https://falco.org/about},
urldate = {2025-05-20},
}
@Article{iot5030026,
AUTHOR = {Ajith, Vishnu and Cyriac, Tom and Chavda, Chetan and Kiyani, Anum Tanveer and Chennareddy, Vijay and Ali, Kamran},
TITLE = {Analyzing Docker Vulnerabilities through Static and Dynamic Methods and Enhancing IoT Security with AWS IoT Core, CloudWatch, and GuardDuty},
JOURNAL = {IoT},
VOLUME = {5},
YEAR = {2024},
NUMBER = {3},
PAGES = {592--607},
URL = {https://www.mdpi.com/2624-831X/5/3/26},
ISSN = {2624-831X},
ABSTRACT = {In the age of fast digital transformation, Docker containers have become one of the central technologies for flexible and scalable application deployment. However, this has opened a new dimension of challenges in security, which are skyrocketing with increased technology adoption. This paper discerns these challenges through a manifold approach: first, comprehensive static analysis by Trivy, and second, real-time dynamic analysis by Falco in order to uncover vulnerabilities in Docker environments pre-deployment and during runtime. One can also find similar challenges in security within the Internet of Things (IoT) sector, due to the huge number of devices connected to WiFi networks, from simple data breaches such as brute force attacks and unauthorized access to large-scale cyber attacks against critical infrastructure, which represent only a portion of the problems. In connection with this, this paper is calling for the execution of robust AWS cloud security solutions: IoT Core, CloudWatch, and GuardDuty. IoT Core provides a secure channel of communication for IoT devices, and CloudWatch offers detailed monitoring and logging. Additional security is provided by GuardDutys automatized threat detection system, which continuously seeks out potential threats across network traffic. Armed with these technologies, we try to build a more resilient and privacy-oriented IoT while ensuring the security of our digital existence. The result is, therefore, an all-inclusive work on security in both Docker and IoT domains, which might be considered one of the most important efforts so far to strengthen the digital infrastructure against fast-evolving cyber threats, combining state-of-the-art methods of static and dynamic analyses for Docker security with advanced, cloud-based protection for IoT devices.},
DOI = {10.3390/iot5030026}
}
@online{RPiWebServer,
title = {Raspberry PI Web Server},
day = {14},
month = {07},
year = {2019},
url = {https://forums.raspberrypi.com/viewtopic.php?t=245729},
urldate = {2025-05-20},
}
@online{Martin,
title = {How I run my blog on a Raspberry Pi},
day = {11},
month = {03},
year = {2022},
author = {Martin Anderson-Clutz},
publisher = {Opensource.com},
url = {https://opensource.com/article/22/3/run-drupal-raspberry-pi},
urldate = {2025-05-20},
}
@report{106028nistsp800123,
title = {Guide to general server security},
author = "Scarfone, Karen and Jansen, Wayne and Tracy, Miles",
month = {07},
year = {2008},
doi = {10.6028/nist.sp.800-123},
publisher = {National Institute of Standards and Technology},
url = {https://doi.org/10.6028/nist.sp.800-123},
}
@online{CISBench,
title = {CIS Benchmarks},
publisher = {CIS},
url = {https://www.cisecurity.org/cis-benchmarks},
urldate = {2025-05-20},
}
@article{gessert2017nosql,
title={NoSQL database systems: a survey and decision guidance},
author={Gessert, Felix and Wingerath, Wolfram and Friedrich, Steffen and Ritter, Norbert},
journal={Computer Science-Research and Development},
volume={32},
pages={353--365},
year={2017},
publisher={Springer}
}
@inproceedings{pokorny2011nosql,
title={NoSQL databases: a step to database scalability in web environment},
author={Pokorny, Jaroslav},
booktitle={Proceedings of the 13th International Conference on Information Integration and Web-based Applications and Services},
pages={278--283},
year={2011}
}
@online{rHomelabLocalUsage,
title = {Raspberry PI Web Server},
day = {28},
month = {10},
year = {2023},
url = {https://www.reddit.com/r/homelab/comments/17i9xrg},
urldate = {2025-05-20},
}
View Git Blame Copy Permalink