TY - GEN
T1 - Integrity protection against insiders in microservice-based infrastructures
T2 - International Conference on Software Technologies: Applications and Foundations, STAF 2018
AU - Ahmadvand, Mohsen
AU - Pretschner, Alexander
AU - Ball, Keith
AU - Eyring, Daniel
N1 - Publisher Copyright:
© Springer Nature Switzerland AG 2018.
PY - 2018
Y1 - 2018
N2 - Building microservices involves continuous modifications at design, deployment, and run times. The DevOps notion together with the “you built it, you run it” paradigm often result in a much larger number of developers with direct access to the production pipeline than in the case of monolithic systems. Reproducible builds and continuous delivery entail practices that further worsen this situation as they grant insiders with indirect accesses (scripted processes) to production machines. Moreover, managing microservices is heavily aided by governance tools (such as Kubernetes) that are configured and controlled by insiders. In this setting, accounting for malicious insiders quickly becomes a major concern. In this paper, we identify representative integrity threats to microservice-based systems in the broader context of a development process by analyzing real-world microservice-based systems. We show that even end-to-end encryption may fall short without adequate integrity protections. From the identified threats, we then derive a set of security requirements for holistic protection. Finally, we propose a framework that serves as a blueprint for insider-resistant integrity protection in microservices.
AB - Building microservices involves continuous modifications at design, deployment, and run times. The DevOps notion together with the “you built it, you run it” paradigm often result in a much larger number of developers with direct access to the production pipeline than in the case of monolithic systems. Reproducible builds and continuous delivery entail practices that further worsen this situation as they grant insiders with indirect accesses (scripted processes) to production machines. Moreover, managing microservices is heavily aided by governance tools (such as Kubernetes) that are configured and controlled by insiders. In this setting, accounting for malicious insiders quickly becomes a major concern. In this paper, we identify representative integrity threats to microservice-based systems in the broader context of a development process by analyzing real-world microservice-based systems. We show that even end-to-end encryption may fall short without adequate integrity protections. From the identified threats, we then derive a set of security requirements for holistic protection. Finally, we propose a framework that serves as a blueprint for insider-resistant integrity protection in microservices.
UR - http://www.scopus.com/inward/record.url?scp=85058507063&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-04771-9_43
DO - 10.1007/978-3-030-04771-9_43
M3 - Conference contribution
AN - SCOPUS:85058507063
SN - 9783030047702
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 573
EP - 588
BT - Software Technologies
A2 - Mazzara, Manuel
A2 - Salaün, Gwen
A2 - Ober, Iulian
PB - Springer Verlag
Y2 - 25 June 2018 through 29 June 2018
ER -