Advanced Secret Handling in Kubernetes Application with HashiCorp Vault

Perustieteiden korkeakoulu | Master's thesis
Date
2023-08-21
Major/Subject
Security and Cloud Computing
Mcode
SCI3113
Degree programme
Master’s Programme in Security and Cloud Computing (SECCLO)
Language
en
Pages
76
Abstract
In the era of microservices and cloud-based systems, safeguarding sensitive credentials has become a critical concern for modern businesses. This thesis delves into the application of HashiCorp Vault, a prominent tool for secure secret management, within the domain of telecommunication networks, renowned for managing tens of thousands of nodes. Through a case study approach, this research explores Vault's core components, security features, and disaster recovery mechanisms, with a specific focus on integrating them into existing telecommunication systems. A thorough examination of technical documentation, academic literature, and industry reports reveals fundamental concepts and best practices in credential management. Additionally, this study provides a comprehensive analysis of the system architecture of telecom management systems, showcasing how HashiCorp Vault's capabilities bolster security, ensure compliance, and sustain business continuity in large-scale networks. Nevertheless, the thesis also addresses the implications of integrating HashiCorp Vault into the system architecture, including potential challenges tied to complexity and the need for meticulous key management for such extensive credentials. The findings emphasize the necessity of a balanced approach, prioritizing both automation and security. Vigilant monitoring, alerting, and maintenance practices are paramount. As a conclusion, this thesis proposes promising avenues for future research, envisioning the integration of artificial intelligence, machine learning, and blockchain technologies in credential management systems. These advancements hold the potential to further enhance the security landscape for telecommunication networks and beyond.
Supervisor
Aura, Tuomas
Thesis advisor
Torvinen, Vesa
Keywords
HashiCorp Vault, kubernetes, key management system, master key