Abstract
The microservices architecture expands the attack surface with multiple microservices communicating with each other remotely. Instead of having one or two entry points, now we have hundreds of entry points to worry about. It’s a common principle in security that the strength of a given system is only as strong as the strength of its weakest link. The more entry points we have, the broader the attack surface, and the higher the risk of being attacked. Unlike in a monolithic application, the depth and breadth we need to worry about in securing a microservice is much higher. There are multiple perspectives in securing microservices: secure development lifecycle and test automation, security in DevOps, and application level security.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
- 2.
- 3.
- 4.
- 5.
- 6.
An OCSP responder is an endpoint hosted by the certificate authority to respond to certificate validation requests by client applications.
- 7.
- 8.
- 9.
- 10.
- 11.
- 12.
- 13.
- 14.
- 15.
- 16.
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2018 Kasun Indrasiri and Prabath Siriwardena
About this chapter
Cite this chapter
Indrasiri, K., Siriwardena, P. (2018). Microservices Security Fundamentals. In: Microservices for the Enterprise. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-3858-5_11
Download citation
DOI: https://doi.org/10.1007/978-1-4842-3858-5_11
Published:
Publisher Name: Apress, Berkeley, CA
Print ISBN: 978-1-4842-3857-8
Online ISBN: 978-1-4842-3858-5
eBook Packages: Professional and Applied ComputingApress Access BooksProfessional and Applied Computing (R0)