Defense-in-Depth Methods in Microservices Access Control
Suomalainen, Joel (2019)
Information Technology
Faculty of Information Technology and Communication Sciences
This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Acceptance date
2019-03-25
The permanent address of the publication is
https://urn.fi/URN:NBN:fi:tty-201903081293
Abstract
More and more application deployments are moving towards the microservice paradigm in hopes of increased efficiency of operations and more flexible software development. Microservices are not a straightforward successor of existing methods, and they introduce a lot of new complexity. Security concerns in particular lack analysis in academic literature, and new developments have mostly been assessed in grey literature.
The thesis explores the solutions to increase the security of microservice applications hosted in virtual private clouds. We start with the assumption that the networking security controls have been bypassed and the adversary is inside the network. We look at the situation through a holistic lens to identify the biggest gaps and how they can be filled in REST service-to-service communications. The solutions are platform agnostic to support the multi-cloud paradigm to reduce operational costs and increase global coverage.
The defense-in-depth methods proposed are establishing mutually authenticated TLS connections between the services comprising an application and introducing granular access control using cryptographically secure methods. The industry's state-of-the-art ways to achieve these are assessed and analyzed comparatively and against good security engineering design principles. Both methodologies and their practical implementations are explored. We assess two distinct models for reference use for secure architecture design in microservices. These models assemble lower-level pieces into a comprehensive idea of what good microservice security looks like. The architectures can be used as is, as a basis for designing secure application architectures.
The thesis introduces a security analysis of existing methods of deploying and establishing secure microservice applications, from container-level orchestration to high-level architectural choices. The work adds to the existing body of knowledge by assessing some of the security concerns that enterprises moving towards microservice deployments are facing and by providing a new analysis of industry developments that have not been looked at thoroughly through a security lens in scientific literature.