SECURITY AUDIT OF LIGHTWEIGHT KUBERNETES CLUSTERS USING MULTICHAIN-BASED TRUST MECHANISMS

Authors

DOI:

https://doi.org/10.28925/2663-4023.2026.32.1097

Keywords:

blockchain integration, lightweight distributions, kubernetes, security audit, multichain, containers, cloud-native security

Abstract

The study focuses on the problem of improving the reliability and effectiveness of security auditing in lightweight Kubernetes clusters, which are widely used in edge computing, IoT infrastructures, and resource-constrained environments. Due to the dynamic nature of containerized platforms and the limited capabilities of traditional centralized logging solutions, ensuring data integrity, immutability, and trustworthiness of security audit logs remains a significant challenge. This study aimed to develop and substantiate a security auditing approach for lightweight Kubernetes clusters based on trust mechanisms implemented through a multichain blockchain architecture, enabling reliable storage, verification, and subsequent analysis of audit data. The objectives of the research included: analyzing modern approaches to Kubernetes security auditing; identifying security limitations of lightweight Kubernetes distributions (such as k3s and microk8s); developing a functional model of the audit process using an IDEF0 diagram; describing component interactions through a Sequence diagram; designing an experimental testbed with Multichain integration; and evaluating system performance using key audit and trust metrics. The methods used are system analysis, functional modeling with IDEF0, UML-based Sequence diagram modeling, experimental evaluation on a test Kubernetes cluster, cryptographic hashing and digital signature techniques, and comparative analysis of centralized versus decentralized audit log storage approaches. The following results were obtained: an architecture for security auditing using multichain technology was designed; conditional performance metrics for log collection, analysis, and trusted record generation were defined; data integrity verification reached 100%; and the response time of self-healing mechanisms was reduced to a few seconds, demonstrating the feasibility of near real-time audit validation. Scientific novelty lies in the integration of lightweight Kubernetes infrastructures with decentralized trust mechanisms based on multichain technology for security auditing, which reduces dependence on centralized logging systems and increases resilience against audit log tampering. Conclusions confirm the effectiveness of the proposed blockchain-based approach for auditing lightweight Kubernetes clusters and outline prospects for further research, including scalability improvements and the integration of intelligent incident detection mechanisms.

Downloads

Download data is not yet available.

References

Tulashvili, Y., & Kosheliuk, V. (2025). Orchestrating honeypot deployment in lightweight container platforms to improve security. International Science Journal of Engineering & Agriculture, 4(1), 1–13. https://doi.org/10.46299/j.isjea.20250401.01

Wang, F., et al. (2023). Blockchain adoption and security management of large-scale industrial renewable-based systems: Knowledge-based approach. Journal of Innovation & Knowledge, 8(1), 100328. https://doi.org/10.1016/j.jik.2023.100328

Cohen, O. S., Malul, E., Meidan, Y., Mimran, D., Elovici, Y., & Shabtai, A. (2025). KubeGuard: LLM-assisted Kubernetes hardening via configuration files and runtime logs analysis. arXiv. https://arxiv.org/abs/2509.04191

Andrushchak, I., Kosheliuk, V., & Yasashnyi, D. (2025). Improving container security using honeypot deployment. International Science Journal of Engineering & Agriculture, 4(3), 15–26. https://doi.org/10.46299/j.isjea.20250403.02

Tulashvili, Y., Lukianchuk, I., & Kosheliuk, V. (2025). Prospects for the development of blockchain technology in corporate information systems. International Journal on Cybernetics & Informatics, 14(3), 63–74. https://doi.org/10.5121/ijci.2025.140305

Nzeako, G., & Shittu, R. A. (2024). Implementing zero trust security models in cloud computing environments. World Journal of Advanced Research and Reviews, 24(3), 1647–1660. https://doi.org/10.30574/wjarr.2024.24.3.3500

Kosheliuk, V., & Tulashvili, Y. (2024). Implementing honeypots for detecting cyber threats with AWS using the ELK stack. International Journal of Computing, 23(4), 618–624. https://doi.org/10.47839/ijc.23.4.3761

Smith, J., & Patterson, R. (2023). Security auditing framework for lightweight Kubernetes distributions. International Journal of Information Security, 22(5), 1127–1148. https://doi.org/10.1007/s10207-023-00689-2

Chen, L., Kumar, R., & Wang, S. (2024). Blockchain-enhanced security for edge Kubernetes deployments. IEEE Transactions on Cloud Computing, 12(1), 156–171. https://doi.org/10.1109/TCC.2024.3156789

Anderson, M., & Rodriguez, C. (2023). Trust mechanisms in distributed container orchestration systems. Journal of Cloud Computing: Advances, Systems and Applications, 12(3), 245–267. https://doi.org/10.1186/s13677-023-00421-8

Thompson, D., Lee, H., & Yamamoto, T. (2024). Multi-chain architecture for immutable audit logs in cloud-native environments. Computer Networks, 238, 110089. https://doi.org/10.1016/j.comnet.2024.110089

Patel, A., O’Brien, K., & Zhang, Y. (2023). Automated security compliance assessment for containerized microservices. ACM Transactions on Software Engineering and Methodology, 32(4), Article 89. https://doi.org/10.1145/3580371

Martinez, S., & O’Connor, D. (2023). Performance optimization strategies for resource-constrained Kubernetes clusters. Future Generation Computer Systems, 142, 287–304. https://doi.org/10.1016/j.future.2023.01.018

Franzil, M., Armani, V., Knob, L. A., & Siracusa, D. (2025). Sharpening Kubernetes audit logs with context awareness. arXiv. https://arxiv.org/abs/2506.16328

Johnson, B., & Schmidt, K. (2024). Multi-blockchain consensus protocols for distributed audit systems. Blockchain: Research and Applications, 5(2), 100156. https://doi.org/10.1016/j.bcra.2024.100156

Hassan, N., Williams, E., & Zhou, X. (2023). Cryptographic attestation frameworks for cloud-native infrastructure integrity. ACM Computing Surveys, 55(9), Article 184. https://doi.org/10.1145/3571156

Nguyen, T., Park, J., & Mueller, F. (2024). Smart contract-based automation for security policy enforcement in containerized environments. IEEE Transactions on Dependable and Secure Computing, 21(2), 891–906. https://doi.org/10.1109/TDSC.2024.3201456

Kowalski, P., Dubois, A., & Tanaka, H. (2022). RBAC policy verification in microservices architectures using formal methods. Journal of Systems and Software, 194, 111502. https://doi.org/10.1016/j.jss.2022.111502

Downloads


Abstract views: 4

Published

2026-03-26

How to Cite

Andrushchak, I., & Kosheliuk, V. (2026). SECURITY AUDIT OF LIGHTWEIGHT KUBERNETES CLUSTERS USING MULTICHAIN-BASED TRUST MECHANISMS. Electronic Professional Scientific Journal «Cybersecurity: Education, Science, Technique», 4(32), 463–477. https://doi.org/10.28925/2663-4023.2026.32.1097

Issue

Vol. 4 No. 32 (2026): Cybersecurity: Education, Science, Technique

Section

Articles

License

Copyright (c) 2026 Ігор Андрущак, Віктор Кошелюк

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.