Abstract
The fast-paced development cycles of microservices applications increase the probability of insufficient security tests in the development pipelines and consequent deployment of vulnerable microservices. The distribution and ephemeral of microservices create a discoverability challenge for traditional security assessment techniques, especially for microservices being dynamically launched and de-registered. To address this in applications and networks, continuous security assessments are used for vulnerability detection. Detected vulnerabilities are thereafter patched, essentially reducing the chances for security attacks. This paper illustrates the microservices architecture and its components from the security perspective. It investigates, summarizes, and highlights the microservices security-related challenges and the suggested approaches and proposals for facing them. It addresses the security impact on the different microservice architectural perspectives.
Paper Type
Short Paper
DOI
10.62036/ISD.2022.27
Microservices Security Challenges and Approaches
The fast-paced development cycles of microservices applications increase the probability of insufficient security tests in the development pipelines and consequent deployment of vulnerable microservices. The distribution and ephemeral of microservices create a discoverability challenge for traditional security assessment techniques, especially for microservices being dynamically launched and de-registered. To address this in applications and networks, continuous security assessments are used for vulnerability detection. Detected vulnerabilities are thereafter patched, essentially reducing the chances for security attacks. This paper illustrates the microservices architecture and its components from the security perspective. It investigates, summarizes, and highlights the microservices security-related challenges and the suggested approaches and proposals for facing them. It addresses the security impact on the different microservice architectural perspectives.
Recommended Citation
Abdelfattah, A. S. & Cerny, T. (2022). Microservices Security Challenges and Approaches. In R. A. Buchmann, G. C. Silaghi, D. Bufnea, V. Niculescu, G. Czibula, C. Barry, M. Lang, H. Linger, & C. Schneider (Eds.), Information Systems Development: Artificial Intelligence for Information Systems Development and Operations (ISD2022 Proceedings). Cluj-Napoca, Romania: Risoprint. ISBN: 978-973-53-2917-4. https://doi.org/10.62036/ISD.2022.27