Security benchmarks (CIS Docker) - Time & Space Complexity
We want to understand how the time to check Docker security settings grows as we add more rules from the CIS benchmark.
How does scanning more security rules affect the total time taken?
Analyze the time complexity of this Docker security check script snippet.
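```bash
#!/bin/bash
# Rule IDs to check; the list length is the input size n
rules=("1.1" "1.2" "2.1" "2.2" "3.1")
for rule in "${rules[@]}"; do
  # Each iteration queries the Docker daemon again
  docker info | grep "$rule"
  docker ps -a
  # Additional checks per rule
  sleep 1
done
```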
This script loops over a list of CIS Docker benchmark rules and runs checks for each rule.
Look for repeated actions in the script.
- Primary operation: Looping over each security rule to run Docker commands.
- How many times: Once per rule in the list.
As the number of rules increases, the script runs more checks, so time grows with the number of rules.
| Input Size (n) | Approx. Operations |
|---|---|
| 10 | 10 runs each of `docker info` and `docker ps -a` |
| 100 | 100 runs each of `docker info` and `docker ps -a` |
| 1000 | 1000 runs each of `docker info` and `docker ps -a` |
Pattern observation: The total operations increase directly with the number of rules.
Time Complexity: O(n)
This means the time to complete the security checks grows in a straight line as you add more rules.
[X] Wrong: "Adding more rules won't affect the total time much because each check is fast."
[OK] Correct: Each rule adds a full set of Docker commands, so total time grows in direct proportion to the number of rules.
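
The daemon calls are the expensive part of each iteration in the script above. The following added example (not part of the original page) queries `docker info` once and evaluates every rule against the cached output, so rule evaluation is still O(n) but the number of daemon calls no longer grows with the rule list. The rule IDs `R1`-`R3`, their patterns and the sample JSON are constructed for illustration and are not CIS benchmark text.

```bash
#!/bin/bash
# Added example: one daemon query, then every rule is checked against the cached output.
# Rule IDs, patterns and SAMPLE_INFO are constructed for illustration (assumptions).

# Stand-in for `docker info --format '{{json .}}'` so the script also runs offline.
SAMPLE_INFO='{"LiveRestoreEnabled":false,"LoggingDriver":"json-file","SecurityOptions":["name=seccomp,profile=builtin"]}'

# Format: id|description|extended regex that must match the cached JSON
RULES='R1|live restore enabled|"LiveRestoreEnabled":true
R2|logging driver set|"LoggingDriver":"[a-z-]+"
R3|user namespaces enabled|name=userns'

# collect_info: the only daemon call in the scan; uses the sample if docker fails.
collect_info() {
  local out
  if out=$(docker info --format '{{json .}}' 2>/dev/null); then
    printf '%s\n' "$out"
  else
    printf '%s\n' "$SAMPLE_INFO"
  fi
}

# check_rules INFO: prints PASS/FAIL per rule, returns the number of failed rules.
check_rules() {
  local info id desc pattern failures
  info=$1
  failures=0
  while IFS='|' read -r id desc pattern; do
    if printf '%s\n' "$info" | grep -Eq -- "$pattern"; then
      echo "PASS $id $desc"
    else
      echo "FAIL $id $desc"
      failures=$((failures + 1))
    fi
  done <<EOF
$RULES
EOF
  return "$failures"
}

info=$(collect_info)   # cost of the daemon call is paid once, not once per rule
check_rules "$info" || echo "$? rule(s) failed"
```

The loop still performs n pattern matches, but those are local string operations rather than repeated requests to the Docker daemon.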
Understanding how time grows with input helps you design efficient security scans and explain your reasoning clearly in discussions.
"What if the script ran more Docker commands per rule than it does now? How would the time complexity change?"