microservices security csa meetup ppt 10_21_2015_v2-2
MICRO-SERVICES SECURITY
Aamir Salaam
Presentation on: Oct 21, 2015 @ Cloud Security Alliance Meetup
Aamir Salaam – SOA Architect
1. Qualifications:
• MBA – Entrepreneurship, Santa Clara University
• MS – Computer Science, Golden Gate University
• BS – Computer Science, India
• Stanford University – Advanced Computer Security
2. Experiences:
• 18 yrs total – B2B & B2C Startups; Cisco Systems
• 10+ yrs Software Architecture, EA – Cisco Systems, Services
• SOA / microservices / APIs / API Management
Agenda
1. Overview of Microservices
2. Key Patterns
3. Security
4. Q & A
What are Microservices?
From the book “Building Microservices” by Sam Newman:
“Microservices are small, autonomous services that work together”
What are Microservices?
1. Small and Focused on Doing One Thing Well:
• Codebases grow large quickly, with similar functions dispersed
• Focus on business boundaries
• How small is small? Focus on services aligned to team structures
2. Autonomous:
• Isolated service deployed on PaaS (Platform as a Service)
• Inter-service communication via network calls
• APIs
Microservices Benefits
1. Technology Heterogeneity
2. Resilience
3. Scaling
4. Ease of Deployment
5. Organizational Alignment
6. Composability
7. Optimizing for Replaceability
Key Design Patterns
1. Aggregator / Proxy
2. Chained
3. Async Messaging
and more …
Proxy Microservices Pattern
Chained Microservices Pattern
Asynchronous Microservices Pattern
Microservices Security
Service to Service Authentication and Authorization
• Basic Authentication over HTTPS
• SAML or OpenID Connect
• Client Certificates
• HMAC over HTTP
• API Key
Use Case
e.g. vulnerableProducts | customer –names | advisorydetails -u
Deployment
Microservices Principles
Source: “Building Microservices” by Sam Newman, page 248
Wrap-Up
1. Microservices are small, autonomous services focused on doing one thing well
2. Proxy, Chained, Async Microservices Patterns
3. Security mostly using OAuth – Client Credentials Flow