Microservices security CSA meetup ppt 10_21_2015_v2-2
MICRO-SERVICES SECURITY
Aamir Salaam
Presentation on: Oct 21, 2015 @ Cloud Security Alliance Meetup
Aamir Salaam – SOA Architect
1. Qualifications:
• MBA – Entrepreneurship, Santa Clara University
• MS – Computer Science, Golden Gate University
• BS – Computer Science, India
• Stanford University – Advanced Computer Security
2. Experiences:
• 18 yrs total – B2B & B2C Startups; Cisco Systems
• 10+ yrs Software Architecture, EA – Cisco Systems, Services
• SOA / microservices / APIs / API Management
Agenda
1. Overview of Microservices
2. Key Patterns
3. Security
4. Q & A
What are Microservices?
From book titled “Building Microservices” by Sam Newman:
“Microservices are small, autonomous
services that work together”
What are Microservices?
1. Small and Focused on Doing One Thing Well:
• Codebases grow large quickly; similar functions become dispersed
• Focus on business boundaries
• How small is small? Focus on services aligned to team structures
2. Autonomous:
• Isolated service deployed on PaaS (Platform as a Service)
• Inter-service communication via network calls
• APIs
Microservices Benefits
1. Technology Heterogeneity
2. Resilience
3. Scaling
4. Ease of Deployment
5. Organizational Alignment
6. Composability
7. Optimizing for Replaceability
Key Design Patterns
1. Aggregator / Proxy
2. Chained
3. Async Messaging
and more …
Proxy Microservices Pattern
Chained Microservices Pattern
Asynchronous Microservices Pattern
Microservices Security
Service to Service Authentication and Authorization
• Basic Authentication over HTTPS
• SAML or OpenID Connect
• Client Certificates
• HMAC over HTTP
• API Key
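Added example, not from the original slides: a sketch of the "HMAC over HTTP" option, in which the calling service signs method, path, timestamp and body with a shared key and the receiving service verifies the signature and rejects stale requests. The header names `X-Timestamp` and `X-Signature`, the `/advisories` path, the 300-second window and the key are assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed shared secret for the example; real services load per-caller
# keys from a secret store.
SHARED_KEY = b"constructed-demo-key-not-a-real-secret"
MAX_SKEW_SECONDS = 300  # assumed replay window


def canonical_request(method, path, timestamp, body):
    """Bind the signature to method, path, time and body so none can be swapped."""
    body_digest = hashlib.sha256(body).hexdigest()
    return "\n".join([method.upper(), path, str(timestamp), body_digest]).encode()


def sign_request(key, method, path, body, now):
    """Calling service: return the headers to attach to the outgoing request."""
    mac = hmac.new(key, canonical_request(method, path, now, body), hashlib.sha256)
    return {"X-Timestamp": str(now), "X-Signature": mac.hexdigest()}


def verify_request(key, method, path, body, headers, now):
    """Receiving service: return (ok, reason) for an incoming request."""
    try:
        sent_at = int(headers["X-Timestamp"])
        presented = headers["X-Signature"]
    except (KeyError, ValueError):
        return False, "missing or malformed auth headers"
    if abs(now - sent_at) > MAX_SKEW_SECONDS:
        return False, "timestamp outside allowed window"
    expected = hmac.new(
        key, canonical_request(method, path, sent_at, body), hashlib.sha256
    ).hexdigest()
    # compare_digest avoids leaking the match position through timing.
    if not hmac.compare_digest(expected.encode(), presented.encode()):
        return False, "signature mismatch"
    return True, "ok"


if __name__ == "__main__":
    body = b'{"customer": "example"}'  # constructed payload
    hdrs = sign_request(SHARED_KEY, "POST", "/advisories", body, now=1445400000)
    print(verify_request(SHARED_KEY, "POST", "/advisories", body, hdrs, now=1445400030))
    print(verify_request(SHARED_KEY, "POST", "/advisories", b"tampered", hdrs, now=1445400030))
```

The signature gives integrity and caller authentication only; over plain HTTP the body is still readable in transit, and the receiver must track seen signatures if replays inside the window matter.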
Use Case
e.g. vulnerableProducts | customer –names | advisorydetails -u
Deployment
Microservices Principles
Source: Book on “Building Microservices” by Sam Newman, page 248
Wrap-Up
1. Microservices are small, autonomous services focused on doing one thing well
2. Proxy, Chained, Async Microservices Patterns
3. Security mostly using OAuth – Client Credentials Flow