Comparative analysis between Docker and podman, and secure authentication and authorization in AWS

The increasing adoption of IoT devices using containers is revolutionizing the technology landscape, requiring advanced solutions for security and resource management. This thesis, conducted in the Drivesec company context, focuses on two central themes: secure container virtualization, user authorization and authentication in IoT environments on Amazon Web Services (AWS). The first part of the research presents a comparative analysis between two leading technologies for container creation and management, Docker and Podman. This analysis examines the performance and security of both technologies, exploring their capabilities in rootless and rootfull mode. The second part of the thesis explores user authentication and authorization in IoT environments using AWS capabilities. With the proliferation of IoT, secure access management becomes essential to protect data, connected devices, and intellectual property. The research analyzes in depth the capabilities of AWS to implement robust authorization and authentication policies. The conclusions of this thesis provide a detailed overview of current security and authentication and authorization practices through AWS services. Furthermore, they highlight the vulnerabilities of current container virtualization technologies through specific capabilities, thus significantly contributing to improving the security and reliability of distributed applications. This work responds to the emerging challenges in an increasingly interconnected environment.