A Microservice Resilience Deployment Mechanism Based on Diversity

Yu, Hang; Wang, Xiulei; Xing, Changyou; Xu, Bo

doi:10.1155/2022/7146716

Cited by 2 publications

(1 citation statement)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It covers authentication, e.g., using Mutual Transport Layer Security (mTLS) and authorization, secure communication between services, e.g., using encrypted channels, and other securityrelated topics like service discovery, communication within a Service Mesh, the Sidecar Pattern [18], network segmentation and firewalls, and intrusion detection. The use of orchestration and container technologies, such as Kubernetes [19] and Docker [20], can increase the complexity of managing microservices and extend the range of potential attacks to include third-party vulnerabilities and other related issues [13,21,22]. The implementation of dedicated patterns, such as the Token Pattern [11], the API Gateway Pattern, and the use of a Service Mesh, are particularly effective in enforcing security measures within microservices [1,2].…”

Section: ) Perspectives On Microservice Securitymentioning

confidence: 99%

A Systematic Literature Review of Inter-Service Security Threats and Mitigation Strategies in Microservice Architectures

Haindl,

Kochberger,

Sveggen

2024

IEEE Access

View full text Add to dashboard Cite

Ensuring security is of paramount importance in microservice architectures, given their distributed nature, involving numerous services and network-spanning interactions. This architectural style, which can comprise hundreds to thousands of services, inherently presents a more extensive attack surface compared to traditional monolithic applications. Moreover, the polyglot nature of microservices, which encompasses services developed and deployed using diverse programming languages and technologies, further complicates the security landscape. This paper presents a systematic literature review, analyzing 54 publications specifically in the context of security threats and mitigation strategies within the area of inter-service security in microservice architectures. We observed that the majority of studies focus on presenting methods, models, and guidelines for microservice security, with a significant portion validating these approaches. Publications in the field have increased since 2015, with conference papers being the most common type. Security threats identified are mainly related to security perimeters, attack surfaces, and inadequate monitoring and intrusion detection. There is a notable lack of comprehensive analysis on specific security threats, particularly in inter-service authentication and communication. Mitigation strategies receive more attention than security threats, with extensive discussion on infrastructure defense and secure coding practices. The identified research gap highlights the need for establishing a connection between security threats and their mitigation strategies in microservice architectures. It also underscores the necessity for a standardized taxonomy in microservice security to clarify terminology and consolidate best practices, addressing inconsistencies in the literature and guiding future empirical studies on the practical challenges of implementing security measures.

show abstract