主权项 |
1. One or more non-transitory computer readable media having container management and protection logic encoded therein for managing a system of containers accessible to a computer system, wherein the container management and protection logic, when executed by one or more processors, is to:
intercept, dynamically, an operation request in the computer system that is to affect a targeted container in the system of containers; identify the targeted container of the intercepted operation request; analyze an inventory of a plurality of protected containers in the system of containers to determine if an identifier of one of the plurality of protected containers corresponds to an identifier of the targeted container; identify an entity associated with an initiation of the operation request; analyze, if the identifier of one of the plurality of protected containers corresponds to the identifier of the targeted container, one or more change authorization policies to determine whether the identified entity is authorized to update the targeted container; allow the operation request to be performed if it is determined that the identified entity is authorized to update the targeted container; generate a new identifier for the targeted container after the operation request is performed; and update the inventory with the new identifier, wherein the new identifier is useable to verify integrity of the targeted container. |