Learning Centre

How Microservices are Changing the Security Landscape

 |  Login

Show simple item record

dc.contributor Aalto-yliopisto fi
dc.contributor Aalto University en
dc.contributor.advisor Bufalino, Jacopo
dc.contributor.author Shmeleva, Ekaterina
dc.date.accessioned 2020-12-20T18:14:19Z
dc.date.available 2020-12-20T18:14:19Z
dc.date.issued 2020-12-14
dc.identifier.uri https://aaltodoc.aalto.fi/handle/123456789/97601
dc.description.abstract The microservice architecture is an architectural style that structures an application as a collection of fine-grained, self-contained, single-purpose, independently deployable services. Being a young architecture style and a still-evolving one, all aspects of the microservice architecture have not yet been thoroughly analysed in academic literature, especially compared to the fair amount of professional literature that exists on the subject. Hence, the grey literature provides a valuable resource for understanding the microservice architecture and gaining insight into current practices. Practitioners adopt the microservice architecture to tackle the problems of the monolithic architecture, including security issues. However, the microservice architecture is not a silver bullet and brings its own challenges. Adopting the microservice architecture changes the way security needs to be approached. Microservices have very particular security needs, different from those of a monolithic application, that must be accommodated. This thesis explores these needs and looks into strategies for satisfying them. Both the edge of the microservice application and the communication between microservices within the application need to be secured. Securing the application at the edge should not cause developers to downplay the importance of securing each microservice at the service-level and working towards adopting zero-trust security principles, which evidently gain popularity in the industry. In the thesis, we discuss end-user and service-to-service access control both at the edge of the deployment and the edge of the service. Finally, we describe the first step of the incremental process of migrating a monolithic application securely to microservices. We apply the strangler fig migration pattern and extract the identity microservice from the monolith. We evaluate the security of the resulting architecture based on the discoveries presented in the earlier chapters of the thesis. en
dc.format.extent vi + 67
dc.format.mimetype application/pdf en
dc.language.iso en en
dc.title How Microservices are Changing the Security Landscape en
dc.type G2 Pro gradu, diplomityö fi
dc.contributor.school Perustieteiden korkeakoulu fi
dc.subject.keyword microservices en
dc.subject.keyword security en
dc.subject.keyword access control en
dc.subject.keyword zero trust en
dc.subject.keyword trust engineering en
dc.subject.keyword DevSecOps en
dc.identifier.urn URN:NBN:fi:aalto-2020122056428
dc.programme.major Security and Cloud Computing fi
dc.programme.mcode SCI3084 fi
dc.type.ontasot Master's thesis en
dc.type.ontasot Diplomityö fi
dc.contributor.supervisor Aura, Tuomas
dc.programme Master’s Programme in Computer, Communication and Information Sciences fi
local.aalto.electroniconly yes
local.aalto.openaccess yes

Files in this item

This item appears in the following Collection(s)

Show simple item record

Search archive

Advanced Search

article-iconSubmit a publication