contents

contents

acknowledgments

about this book

about the authors

about the cover illustration

Part 1. Overview

1 Microservices security landscape

How security works in a monolithic application

Challenges of securing microservices

The broader the attack surface, the higher the risk of attack

Distributed security screening may result in poor performance

Deployment complexities make bootstrapping trust among microservices a nightmare

Requests spanning multiple microservices are harder to trace

Immutability of containers challenges how you maintain service credentials and access-control policies

The distributed nature of microservices makes sharing user context harder

Polyglot architecture demands more security expertise on each development team

Key security fundamentals

Authentication protects your system against spoofing

Integrity protects your system from data tampering

Nonrepudiation: Do it once, and you own it forever

Confidentiality protects your systems from unintended information disclosure

Availability: Keep the system running, no matter what

Authorization: Nothing more than you’re supposed to do

The role of an API gateway in a microservices deployment

@font-face { font-family: 'livebook'; src:url('https://d19npu3b8zepp3.cloudfront.net/assets/fonts/livebook.eot?1.9.0'); src:url('https://d19npu3b8zepp3.cloudfront.net/assets/fonts/livebook.eot?1.9.0') format('embedded-opentype'), url('https://d19npu3b8zepp3.cloudfront.net/assets/fonts/livebook.woff?1.9.0') format('woff'), url('https://d19npu3b8zepp3.cloudfront.net/assets/fonts/livebook.ttf?1.9.0') format('truetype'), url('https://d19npu3b8zepp3.cloudfront.net/assets/fonts/livebook.svg?1.9.0') format('svg'); font-weight: normal; font-style: normal; }