MisMesh: Security Issues and Challenges in Service Meshes
Service meshes have emerged as an attractive DevOps solution for collecting, managing, and coordinating microservice deployments. However, current service meshes leave fundamental security mechanisms missing or incomplete. The security burden means service meshes may actually cause additional worklo...
Saved in:
Published in | Security and Privacy in Communication Networks Vol. 335; pp. 140 - 151 |
---|---|
Main Authors | , , |
Format | Book Chapter |
Language | English |
Published |
Switzerland
Springer International Publishing AG
01.01.2020
Springer International Publishing |
Series | Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering |
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | Service meshes have emerged as an attractive DevOps solution for collecting, managing, and coordinating microservice deployments. However, current service meshes leave fundamental security mechanisms missing or incomplete. The security burden means service meshes may actually cause additional workload and overhead for administrators over traditional monolithic systems. By assessing the effectiveness and practicality of service mesh tools, this work provides necessary insights into the available security of service meshes. We evaluate service meshes under skilled administrators (who deploy optimal configurations of available security mechanisms) and default configurations. We consider a comprehensive set of adversarial scenarios, uncover design flaws contradicting system goals, and present limitations and challenges encountered in employing service mesh tools for operational environments. |
---|---|
ISBN: | 9783030630850 3030630854 |
ISSN: | 1867-8211 1867-822X |
DOI: | 10.1007/978-3-030-63086-7_9 |