OALib Journal
ISSN: 2333-9721

2017
Trusted Container Based on Docker (基于Docker的可信容器)

Keywords: Docker, containers, trusted computing


Abstract:

To address the problems Docker currently faces, namely tampering with containers and images, malicious processes inside containers, and unauthorized communication, this paper applies trusted computing techniques such as a chain of trust, integrity measurement and real-time monitoring to design and implement a trust-enhanced Docker container, DockerGuard. DockerGuard builds a chain of trust that extends from the hardware to the processes and files inside a container, and adds a security protection module combining three functions, process monitoring, file system measurement and network monitoring, so that Docker is measured comprehensively and monitored at fine granularity. A security-enhanced system with these functions, DockerGuard, was implemented on Docker 1.6.0 and its performance was evaluated. The results show that DockerGuard protects containers and images from tampering, restricts container network communication and monitors the processes inside containers, greatly improving the security of Docker containers.
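The following is an added illustration of the file system measurement and chain-of-trust idea the abstract describes; it is example code written for this page, not the DockerGuard authors' code. It measures a constructed sample image tree, folds the measurement log into a PCR-style register so that one value commits to the whole tree and its order, and explains a mismatch by listing which files were modified, added or removed relative to the baseline. The image contents and function names are assumptions; on a real host the same dict would be filled from the container's rootfs.

```python
import hashlib
from typing import Dict, List, Tuple

# Constructed sample image layer, path -> file bytes (not from the paper).
BASELINE_IMAGE: Dict[str, bytes] = {
    "bin/sh": b"#!/bin/sh\nexec /bin/busybox sh\n",
    "etc/passwd": b"root:x:0:0:root:/root:/bin/sh\n",
    "app/server.py": b"print('hello')\n",
}

def measure(files: Dict[str, bytes]) -> List[Tuple[str, str]]:
    """Measurement log: one (path, sha256 hex) entry per file in canonical
    path order, so identical trees always yield identical logs."""
    return [(p, hashlib.sha256(files[p]).hexdigest()) for p in sorted(files)]

def extend(register: bytes, entry: Tuple[str, str]) -> bytes:
    """TPM PCR-style extend: reg' = SHA256(reg || SHA256("path:digest")).
    The result depends on every entry and on their order."""
    leaf = hashlib.sha256(f"{entry[0]}:{entry[1]}".encode()).digest()
    return hashlib.sha256(register + leaf).digest()

def aggregate(log: List[Tuple[str, str]]) -> str:
    """Fold the whole log into one 32-byte value from an all-zero register."""
    register = bytes(32)
    for entry in log:
        register = extend(register, entry)
    return register.hex()

def diff(baseline: List[Tuple[str, str]], current: List[Tuple[str, str]]) -> List[str]:
    """Explain a mismatch: which files were modified, added or removed."""
    base, cur = dict(baseline), dict(current)
    findings = []
    for path in sorted(set(base) | set(cur)):
        if path not in cur:
            findings.append(f"missing: {path}")
        elif path not in base:
            findings.append(f"added: {path}")
        elif base[path] != cur[path]:
            findings.append(f"modified: {path}")
    return findings

if __name__ == "__main__":
    expected = aggregate(measure(BASELINE_IMAGE))  # value recorded at image build time
    tampered = {**BASELINE_IMAGE, "bin/sh": b"#!/bin/sh\nexec /bin/busybox ash\n"}
    if aggregate(measure(tampered)) != expected:
        print("integrity check failed:", diff(measure(BASELINE_IMAGE), measure(tampered)))
```

In a real deployment the expected aggregate would be stored where the container cannot rewrite it (for example sealed to a TPM register), and the check would run before the container is started and again periodically.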

