JavaScript is disabled for your browser. Some features of this site may not work without it.
| dc.contributor | Aalto-yliopisto | fi |
| dc.contributor | Aalto University | en |
| dc.contributor.advisor | Bufalino, Jacopo | |
| dc.contributor.author | Shmeleva, Ekaterina | |
| dc.date.accessioned | 2020-12-20T18:14:19Z | |
| dc.date.available | 2020-12-20T18:14:19Z | |
| dc.date.issued | 2020-12-14 | |
| dc.identifier.uri | https://aaltodoc.aalto.fi/handle/123456789/97601 | |
| dc.description.abstract | The microservice architecture is an architectural style that structures an application as a collection of fine-grained, self-contained, single-purpose, independently deployable services. Being a young architecture style and a still-evolving one, all aspects of the microservice architecture have not yet been thoroughly analysed in academic literature, especially compared to the fair amount of professional literature that exists on the subject. Hence, the grey literature provides a valuable resource for understanding the microservice architecture and gaining insight into current practices. Practitioners adopt the microservice architecture to tackle the problems of the monolithic architecture, including security issues. However, the microservice architecture is not a silver bullet and brings its own challenges. Adopting the microservice architecture changes the way security needs to be approached. Microservices have very particular security needs, different from those of a monolithic application, that must be accommodated. This thesis explores these needs and looks into strategies for satisfying them. Both the edge of the microservice application and the communication between microservices within the application need to be secured. Securing the application at the edge should not cause developers to downplay the importance of securing each microservice at the service-level and working towards adopting zero-trust security principles, which evidently gain popularity in the industry. In the thesis, we discuss end-user and service-to-service access control both at the edge of the deployment and the edge of the service. Finally, we describe the first step of the incremental process of migrating a monolithic application securely to microservices. We apply the strangler fig migration pattern and extract the identity microservice from the monolith. We evaluate the security of the resulting architecture based on the discoveries presented in the earlier chapters of the thesis. | en |
| dc.format.extent | vi + 67 | |
| dc.format.mimetype | application/pdf | en |
| dc.language.iso | en | en |
| dc.title | How Microservices are Changing the Security Landscape | en |
| dc.type | G2 Pro gradu, diplomityö | fi |
| dc.contributor.school | Perustieteiden korkeakoulu | fi |
| dc.subject.keyword | microservices | en |
| dc.subject.keyword | security | en |
| dc.subject.keyword | access control | en |
| dc.subject.keyword | zero trust | en |
| dc.subject.keyword | trust engineering | en |
| dc.subject.keyword | DevSecOps | en |
| dc.identifier.urn | URN:NBN:fi:aalto-2020122056428 | |
| dc.programme.major | Security and Cloud Computing | fi |
| dc.programme.mcode | SCI3084 | fi |
| dc.type.ontasot | Master's thesis | en |
| dc.type.ontasot | Diplomityö | fi |
| dc.contributor.supervisor | Aura, Tuomas | |
| dc.programme | Master’s Programme in Computer, Communication and Information Sciences | fi |
| local.aalto.electroniconly | yes | |
| local.aalto.openaccess | yes |
Files in this item
Unless otherwise stated, all rights belong to the author. You may download, display and print this publication for Your own personal use. Commercial use is prohibited.
This item appears in the following Collection(s)
Submit a publication
Browse
Statistics
© Aalto University Learning Centre
Page content by: Aalto University Learning Centre | Privacy policy of the service | About this site
en