New Docker security feature focuses on content trust

A new Docker security feature for content trust will be critical to enterprise adoption of containers.

Docker users concerned about security with distributed containerized applications can use a new feature to validate content.

Docker Content Trust uses digital signatures to build and deploy Docker container applications. It's available as an opt-in capability in Docker Engine 1.8 and will eventually become an opt-out standard for all Docker tools.

Docker security concerns have been one of the biggest hang-ups for enterprises as the open container company continues its ascent, though Docker says many of those worries are misplaced. Still, building a security model around trust has been one of the biggest areas of feedback Docker has received from operations teams, said Diogo Mónica, security lead for Docker.

The new mechanism ensures that users see and operate on only trusted content when they run Docker commands, while changing little about the user experience for developers, Mónica said. It works independently of the infrastructure it runs on.


Security is a moving target, so it's hard to identify exactly what else needs to be done around containers, but this is a positive step and another sign that Docker is trying to address those concerns, said Tim Kelton, co-founder and head of cloud architecture for Descartes Labs, Inc., a machine learning startup in Los Alamos, New Mexico. Though this latest security focus isn't a major issue at Descartes, which uses Google Container Engine, it's easy to see why this would be important to a large corporation, he added.

"There's no doubt any time you distribute software you would like to be able to ensure the software you received is what the publisher of that software made and someone didn't get in the middle of that and add anything," Kelton said.

Based on The Update Framework, Docker Content Trust offers two sets of keys – an offline root key and a per-repository tagging key generated and stored client-side when a publisher first pushes an image. Each repository has its own tagging key, which is used any time content is added to or removed from the repository. Docker also manages a timestamp key for the user to protect against replay attacks.
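To make the three-key arrangement concrete, the following Go program is an added example written for this article; it is not Docker's or Notary's code and does not use their metadata formats. It models the offline root key, the per-repository tagging key and the timestamp key as Ed25519 keys over JSON documents, and shows why the timestamp key matters: a client that pins the root public key and remembers the last timestamp version it saw rejects a registry that replays old, expired or tampered metadata. The names `Publish`, `Resolve`, `Keys`, `Repository` and the sample image digest are assumptions made for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Keys holds the three roles the article describes: an offline root key, a
// per-repository tagging key and a Docker-managed timestamp key. (Hypothetical layout.)
type Keys struct {
	Root, Tagging, Timestamp ed25519.PrivateKey
}

// Root metadata, signed by the root key, names the public keys trusted for the other roles.
type Root struct {
	TaggingPub   []byte `json:"tagging_pub"`
	TimestampPub []byte `json:"timestamp_pub"`
}

// Targets metadata, signed by the tagging key, maps each tag to an image digest.
type Targets struct {
	Tags map[string]string `json:"tags"`
}

// Timestamp metadata, signed by the timestamp key, binds a hash of the current targets
// document to a monotonically increasing version and a short expiry; this defeats replay.
type Timestamp struct {
	Version     int       `json:"version"`
	Expires     time.Time `json:"expires"`
	TargetsHash string    `json:"targets_hash"`
}

// Signed is a serialized metadata document together with its Ed25519 signature.
type Signed struct {
	Payload []byte `json:"payload"`
	Sig     []byte `json:"sig"`
}

// Repository is the bundle a registry serves for one image repository.
type Repository struct {
	Root, Targets, Timestamp Signed
}

func sign(priv ed25519.PrivateKey, v interface{}) Signed {
	payload, _ := json.Marshal(v)
	return Signed{Payload: payload, Sig: ed25519.Sign(priv, payload)}
}

func verify(pub ed25519.PublicKey, s Signed, out interface{}) error {
	if len(pub) != ed25519.PublicKeySize || !ed25519.Verify(pub, s.Payload, s.Sig) {
		return errors.New("bad signature")
	}
	return json.Unmarshal(s.Payload, out)
}

func hashOf(b []byte) string {
	h := sha256.Sum256(b)
	return hex.EncodeToString(h[:])
}

// NewKeys generates fresh keys for all three roles (the publisher's side).
func NewKeys() (Keys, error) {
	var keys [3]ed25519.PrivateKey
	for i := range keys {
		_, priv, err := ed25519.GenerateKey(rand.Reader)
		if err != nil {
			return Keys{}, err
		}
		keys[i] = priv
	}
	return Keys{Root: keys[0], Tagging: keys[1], Timestamp: keys[2]}, nil
}

// Publish signs a tag set with the tagging key and a fresh timestamp with the timestamp key,
// as a push with content trust enabled would.
func Publish(k Keys, tags map[string]string, version int, now time.Time) Repository {
	root := Root{
		TaggingPub:   k.Tagging.Public().(ed25519.PublicKey),
		TimestampPub: k.Timestamp.Public().(ed25519.PublicKey),
	}
	targets := sign(k.Tagging, Targets{Tags: tags})
	ts := Timestamp{Version: version, Expires: now.Add(24 * time.Hour), TargetsHash: hashOf(targets.Payload)}
	return Repository{Root: sign(k.Root, root), Targets: targets, Timestamp: sign(k.Timestamp, ts)}
}

// Resolve is the client side of a pull: it trusts only the pinned root public key and accepts
// a chain only if the timestamp is unexpired and at least as new as the last one it saw.
func Resolve(rootPub ed25519.PublicKey, repo Repository, tag string, lastSeen int, now time.Time) (string, error) {
	var root Root
	if err := verify(rootPub, repo.Root, &root); err != nil {
		return "", fmt.Errorf("root metadata: %w", err)
	}
	var ts Timestamp
	if err := verify(root.TimestampPub, repo.Timestamp, &ts); err != nil {
		return "", fmt.Errorf("timestamp metadata: %w", err)
	}
	if now.After(ts.Expires) {
		return "", errors.New("timestamp expired: registry may be serving stale metadata")
	}
	if ts.Version < lastSeen {
		return "", fmt.Errorf("replay: timestamp version %d is older than last seen %d", ts.Version, lastSeen)
	}
	if hashOf(repo.Targets.Payload) != ts.TargetsHash {
		return "", errors.New("targets metadata does not match the signed timestamp")
	}
	var targets Targets
	if err := verify(root.TaggingPub, repo.Targets, &targets); err != nil {
		return "", fmt.Errorf("targets metadata: %w", err)
	}
	digest, ok := targets.Tags[tag]
	if !ok {
		return "", fmt.Errorf("tag %q has no signed digest", tag)
	}
	return digest, nil
}

func main() {
	k, err := NewKeys()
	if err != nil {
		panic(err)
	}
	now := time.Now()
	rootPub := k.Root.Public().(ed25519.PublicKey) // pinned by the client on first contact
	// Constructed sample digest; not a real image.
	v1 := Publish(k, map[string]string{"latest": "sha256:" + hashOf([]byte("image v1"))}, 1, now)
	fmt.Println(Resolve(rootPub, v1, "latest", 0, now))                   // digest, <nil>
	fmt.Println(Resolve(rootPub, v1, "latest", 2, now))                   // replay rejected
	fmt.Println(Resolve(rootPub, v1, "latest", 0, now.Add(48*time.Hour))) // expired rejected
}
```

The point the example isolates is that signatures alone do not stop a registry (or someone between the client and the registry) from serving a genuinely signed but outdated tag set; the short-lived, versioned timestamp is what lets the client tell "old and signed" from "current and signed". In the real feature the publisher's root and tagging keys stay on the client side, and the timestamp key is held for the user by Docker, as the article states.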

It's an important step, because enterprise customers exploring Docker always ask if containers will add any more security problems for them, said Dave Bartoletti, principal analyst for Forrester Research, Inc., based in Cambridge, Mass.

"They basically want to raise the bar that Docker is a secure place to deploy images," Bartoletti said.

Each time a new technology is added to the stack, just like virtualization before it, new layers of security become necessary, too, Bartoletti said. This is an acknowledgement that containers are another layer.

"This is Docker getting ahead of something that they know the enterprises will need in order for there to be widespread adoption -- not just best practices but actual tools to encourage those practices," Bartoletti said.

Trevor Jones is the news writer for SearchCloudComputing. You can reach him at


Do you plan on opting-in to Docker Content Trust?
It’s a smart move by Docker to begin addressing some of the security concerns, whether those concerns are misplaced or not. Perception often replaces fact as the basis of reality in the technology world. This means that if the perception is that there are security concerns about using Docker, then those concerns will prohibit widespread adoption of Docker.