Skip to main content
Disciplines
Automotive Business IT + Informatics Construction + Real Estate Electrical Engineering + Electronics Energy + Sustainability Insurance + Risk Finance + Banking Management + Leadership Marketing + Sales Mechanical Engineering + Materials
Events
DE
EN
Books
Journals
Topic Page
Marketing
Start single access now
Access for companies
EXTENDED SEARCH
Log in
Top
Published in:
Case Study: Energence Read chapter Read first chapter

2021 | OriginalPaper | Chapter

9. Securing Microservices on Cloud

Author : Chandra Rajasekharaiah

Published in: Cloud-Based Microservices

Publisher: Apress

Log in

Activate our intelligent search to find suitable subject content or patents.

search-config
loading …

Abstract

The perceived importance of security in an enterprise is directly proportional to the devastation caused by the previous attack. It does not have to be, but it often is. A genuinely secure enterprise enacts the security of software right at inception. We discussed the importance of securing the application right from its beginning in an earlier chapter, under the “DevSecOps” section. We briefly discussed what it takes to safeguard microservices (or any application) on the cloud. In this chapter, we discuss some of the most critical aspects of cybersecurity.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

inform now
previous chapter Core Cloud Concepts: Storage
next chapter Microservices, Here and Beyond
Footnotes
1
In most enterprises, accessing information across organizations is difficult. With APIs, all organizations expose their data for other organizations of the enterprise to access.
 
2
RPCs (remote procedure calls, such as CORBA, COM, Java RMI, etc.,) are legacy techniques of application integration, wherein systems exchange binary information over TCP sockets.
 
3
For readers familiar with PKI (public key infrastructure), a digital signature is an attachment to the message that the provider encrypts the hash of the key with its private key. The recipient can decrypt the hash with the provider’s public key and validate the payload. This enables detecting any tampering of payload and also guarantees non-repudiation.
 
4
LDAP (lightweight directory access protocol), a centralized repository of directory information services—with information such as employees, users, groups, group memberships, roles—is common in enterprises.
 
5
IdP, or identity provider services, are similar to central trusted entity that provides authentication services.
 
9
Load balancers can work at layer 4 as well, allowing TCP and UDP communication to route between multiple socket-servers. However, for microservices discussion, we focus on layer-7 capabilities of load balancers.
 
16
Many enterprises rely on getting data from their business partners using SMTP-based messaging (automated emails, for instance), or EDI (electronic data interchange) process that is similar to fax transmission.
 
21
Cryptojacking worms such as ‘Graboid’, ‘Cetus’, spread through infected binaries.
 
22
Trivy, Anchore, Clair are some popular container image scanning tools.
 
23
Securing PII (personally identifiable data) and PCI (payment card industry) data are vital areas of data compliance and legal responsibilities of enterprises.
 
24
In mid 2020, a hacker group “TeamTNT” used infected Docker containers to retrieve CSP’s credentials and infected a large number of business systems. Similarly, malware such as ‘WannaMine’ (2017) and ‘Graboid’ (2019), found in infected containers, have caused security breaches.
 
Metadata
Title
Securing Microservices on Cloud
Author
Chandra Rajasekharaiah
Copyright Year
2021
Publisher
Apress
Book
Cloud-Based Microservices

Print ISBN: 978-1-4842-6563-5

Electronic ISBN: 978-1-4842-6564-2

Copyright Year: 2021

DOI
https://doi.org/10.1007/978-1-4842-6564-2_9

Premium Partner

    Image Credits