Docker 1.8 Improves Container Security With Content Trust

The open-source container technology now benefits from technology that can digitally sign and verify application containers.


As the use of Docker containers has grown, so too have concerns over security and application integrity. In a bid to address those concerns, the Docker open-source project today released Docker 1.8.0, featuring Docker Content Trust.

"The problem is right now we have millions of software updates every day across containers, but we have not had a standard way to validate the integrity and authenticity of those applications," Diogo Mónica, security lead for Docker, told eWEEK. "So we really had to find a solution that is easy for developers while still working on any type of infrastructure.

"Once you enable Content Trust in Docker 1.8.0, you're in a golden world where every operation that you do in Docker is a trusted operation," Monica said. "So all operations only work with trusted content." Trusted content is content that is digitally signed by the developer to provide a degree of authenticity and ownership.

The need to secure container virtualization with some form of digital integrity is an idea that Docker creator Solomon Hykes discussed with eWEEK in a 2014 video. That idea evolved over the course of 2015 into the Notary project, which is now in part being integrated into Docker 1.8.0 as Content Trust. Notary, which is built on The Update Framework (TUF) standard, is also available as a stand-alone project.

Content Trust in Docker 1.8.0, however, is not on by default; rather it's an opt-in model, according to Monica. As such, Docker users need to enable Content Trust as an environmental flag within Docker. After Content Trust is used in real-world deployments for a period of time to see how it's used and to fix issues, the plan is to have the feature turned on by default in a future Docker release, he said.

Docker Content Trust also provides a methodology that Monica said limits the risk of compromises from man-in-the-middle (MiTM) attacks. Even with signed content, there is the potential that an attacker can intercept an update stream and then replay a signed key to trick a user—a scenario for which Docker is ready.

"We have the concept of using a root key which is only needed when a developer creates a Docker repository," Monica explained. "That key can be kept offline, so in the event of a compromise, the key is not at risk."

Going a step further, Monica said there is image forgery resistance built into Content Trust. Even if an attacker attempts to change content for a trusted image, since the attacker does not have access to the root key, the attacker can't create an image that will be validated, he said.

Perhaps even more importantly, the Docker Content Trust mechanism also provides users with a guarantee around the freshness of the data.

"So if a Docker user downloads an image that is signed, the user also only gets an image that is up to date," Monica said.

If, for example, there is a GNU Privacy Guard (GPG) signature on a piece of content, an attacker could potentially do a downgrade attack and send the user a valid signed piece of content that might be out-of-date and has known vulnerabilities, he said. "With our system, since we guarantee freshness, there is no ability for an attacker to send a user old data," Monica added.

From a signing perspective, content publishers can sign their own trusted content for Docker. The Docker Hub can then be used as the trusted online repository to get Docker application images. While Content Trust will validate the authenticity of an image against a publisher key, Docker isn't yet scanning the actual applications themselves for any form of malware. Monica said that at some point in the future, Docker might explore some form of deeper security analysis for official images in the Docker Hub repository.

"For the focus of today with Docker Content Trust, if you trust a publisher you have guarantees that you're getting content from that publisher and what you get is the latest version," he said.

While Docker Content Trust is now being integrated into Docker 1.8.0, the underlying Notary technology has applicability beyond just Docker. Docker is now one of many application container runtime technologies that are participating in the Linux Foundation's Open Container Initiative. Monica emphasized that the Notary technology behind Docker Content Trust can work on other OCI container implementations as well.

Sean Michael Kerner is a senior editor at eWEEK and Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.