[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
IEICE Transactions on Information and Systems
Online ISSN : 1745-1361
Print ISSN : 0916-8532
Regular Section
Understanding File System Operations of a Secure Container Runtime Using System Call Tracing Technique
Sunwoo JANGYoung-Kyoon SUHByungchul TAK
Author information
Keywords: secure container runtime, system call, gVisor
JOURNAL FREE ACCESS

2024 Volume E107.D Issue 2 Pages 229-233

Details
Download PDF (329K)
Download citation RIS

(compatible with EndNote, Reference Manager, ProCite, RefWorks)

BIB TEX

(compatible with BibDesk, LaTeX)

Text
How to download citation
Contact us
Abstract

This letter presents a technique that observes system call mapping behavior of the proxy kernel layer of secure container runtimes. We applied it to file system operations of a secure container runtime, gVisor. We found that gVisor's operations can become more expensive than the native by 48× more syscalls for open, and 6× for read and write.

Content from these authors
© 2024 The Institute of Electronics, Information and Communication Engineers
Previous article Next article
Favorites & Alerts

Recently viewed articles
Announcements from publisher
  • Readers can also download the PDF from https://search.ieice.org/iss/
  • PayPerView service
  • Please contact trans-d [a] ieice.org, if you want to unlock PDF security.
Share this page
feedback
 Top