1 research outputs found
SoK: Security of Microservice Applications: A Practitioners' Perspective on Challenges and Best Practices
Cloud-based application deployment is becoming increasingly popular among
businesses, thanks to the emergence of microservices. However, securing such
architectures is a challenging task since traditional security concepts cannot
be directly applied to microservice architectures due to their distributed
nature. The situation is exacerbated by the scattered nature of guidelines and
best practices advocated by practitioners and organizations in this field. This
research paper we aim to shay light over the current microservice security
discussions hidden within Grey Literature (GL) sources. Particularly, we
identify the challenges that arise when securing microservice architectures, as
well as solutions recommended by practitioners to address these issues. For
this, we conducted a systematic GL study on the challenges and best practices
of microservice security present in the Internet with the goal of capturing
relevant discussions in blogs, white papers, and standards. We collected 312 GL
sources from which 57 were rigorously classified and analyzed. This analysis on
the one hand validated past academic literature studies in the area of
microservice security, but it also identified improvements to existing
methodologies pointing towards future research directions.Comment: Accepted at the 17th International Conference on Availability,
Reliability and Security (ARES 2022