@inproceedings{41306e0bc18840a2a075465bbaa814ba,
title = "Securing CHEESEHub: A Cloud-based, Containerized Cybersecurity Education Platform",
abstract = "The Cyber Human Ecosystem for Engaged Security Education (CHEESEHub) is an open web platform that hosts community-contributed containerized demonstrations of cybersecurity concepts. In order to maximize flexibility, scalability, and utilization, CHEESEHub is currently hosted in a Kubernetes cluster on the Jetstream academic cloud. In this short paper, we describe the security model of CHEESEHub and specifically the various Kubernetes security features that have been leveraged to secure CHEESEHub. This ensures that the various cybersecurity exploits hosted in the containers cannot be misused, and that potential malicious users of the platform are cordoned off from impacting not just other legitimate users, but also the underlying hosting cloud. More generally, we hope that this article will provide useful information to the research computing community on a less discussed aspect of cloud deployment: the various security features of Kubernetes and their application in practice.",
keywords = "Kubernetes, cloud computing, containers, cybersecurity",
author = "Mike Lambert and Rajesh Kalyanam and Rob Kooper and Baijian Yang",
note = "Publisher Copyright: {\textcopyright} 2021 Owner/Author.; 5th Practice and Experience in Advanced Research Computing Conference: Evolution Across All Dimensions, PEARC 2021 ; Conference date: 19-07-2021 Through 22-07-2021",
year = "2021",
month = jul,
day = "17",
doi = "10.1145/3437359.3465584",
language = "English (US)",
series = "ACM International Conference Proceeding Series",
publisher = "Association for Computing Machinery",
booktitle = "PEARC 2021 - Practice and Experience in Advanced Research Computing 2021",
address = "United States",
}