MIS603: Microservices Architecture Security and Privacy Analysis
VerifiedAdded on 2021/01/06
|9
|1916
|96
Report
AI Summary
This report provides a comprehensive analysis of microservices architecture, examining its advantages over monolithic architecture while highlighting the inherent challenges such as configuration management, debugging complexities, maintaining consistency, ensuring independency between services, and addressing scalability issues. The study delves into the security and privacy risks associated with microservices, including design vulnerabilities, identical management difficulties, data management concerns, rapid application changes, and the increased attack surface due to API communication. The report then proposes various mitigation strategies to reduce these risks, emphasizing secure design practices, dependency scanning, HTTPS implementation, threat monitoring, and the encryption of sensitive data. Ultimately, the report concludes that despite its challenges, microservices architecture is a preferred approach, and effective mitigation strategies are crucial for secure and efficient system development.
MIS603
Micro services Architecture
Title-
Student Name-
Student Number -
Lecturer’s Name-
1
Micro services Architecture
Title-
Student Name-
Student Number -
Lecturer’s Name-
1
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Table of Contents
Introduction.....................................................................................................................................................................4
Challenges and issues in microservices architecture.......................................................................................................4
Privacy and security issues due to challenges in Microservices architecture..................................................................6
Mitigation strategies to manage security and privacy risk...............................................................................................7
Conclusion....................................................................................................................................................................... 8
References....................................................................................................................................................................... 9
2
Introduction.....................................................................................................................................................................4
Challenges and issues in microservices architecture.......................................................................................................4
Privacy and security issues due to challenges in Microservices architecture..................................................................6
Mitigation strategies to manage security and privacy risk...............................................................................................7
Conclusion....................................................................................................................................................................... 8
References....................................................................................................................................................................... 9
2
3
You're viewing a preview
Unlock full access by subscribing today!
Introduction
As we all know nowadays business systems are becoming more complex due to dynamic environment and
globalisation. And to develop and maintain a system is becoming a challenge for the developer team. Microservices
architecture model is proposed by Martin Fowler and James in 2014 and within a few years many companies has
started using microservices architecture for improving the life cycle of products. It helps in splitting the complex
applications of system into a small part which can be develop, test, deploy, operate and upgrades independently
(Zheng & Wei, 2018). Micoservices architecture model was introduced to overcome the disadvantages of traditional
approach that is monolithic architecture. In monolithic architecture single database was shared whereas in
microservices architecture services has its own database which leads to increase in speed, etc, The use of
microservices architecture is enormously increasing in business industries and in scientific research in various fileds
to increase the speed and agility while developing microservices. However, microservices model also brings a lot of
complexities along with it (Swathi & R, 2020).
While preparing this report I have studied various research study done in the field of microservice architecture which
provided me deep insight regarding relevance of microservices architecture model in the organizations. In this report
I focused upon identifying the key issues and challenges arise while using microservices architecture model in the
organization. I also identified various security and privacy issues arise due to the challenges faced by the organization
in using microservices architecture model. Furthermore, I suggested various mitigation strategies which can be used
by the organizations to reduce the security and privacy issues in microservices architecture system.
Challenges and issues in microservices architecture
There are certain challenges and issues which arises while building microservices that needs to be solved and I
identified following challenges during my study which are faced by an organization while adopting microservices
architecture–
Figure 1- Challenges and issues of Microservices architecture
4
As we all know nowadays business systems are becoming more complex due to dynamic environment and
globalisation. And to develop and maintain a system is becoming a challenge for the developer team. Microservices
architecture model is proposed by Martin Fowler and James in 2014 and within a few years many companies has
started using microservices architecture for improving the life cycle of products. It helps in splitting the complex
applications of system into a small part which can be develop, test, deploy, operate and upgrades independently
(Zheng & Wei, 2018). Micoservices architecture model was introduced to overcome the disadvantages of traditional
approach that is monolithic architecture. In monolithic architecture single database was shared whereas in
microservices architecture services has its own database which leads to increase in speed, etc, The use of
microservices architecture is enormously increasing in business industries and in scientific research in various fileds
to increase the speed and agility while developing microservices. However, microservices model also brings a lot of
complexities along with it (Swathi & R, 2020).
While preparing this report I have studied various research study done in the field of microservice architecture which
provided me deep insight regarding relevance of microservices architecture model in the organizations. In this report
I focused upon identifying the key issues and challenges arise while using microservices architecture model in the
organization. I also identified various security and privacy issues arise due to the challenges faced by the organization
in using microservices architecture model. Furthermore, I suggested various mitigation strategies which can be used
by the organizations to reduce the security and privacy issues in microservices architecture system.
Challenges and issues in microservices architecture
There are certain challenges and issues which arises while building microservices that needs to be solved and I
identified following challenges during my study which are faced by an organization while adopting microservices
architecture–
Figure 1- Challenges and issues of Microservices architecture
4
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Management and configuration- Configuration is managed by the microservices. Since large system is
divided into small independent system. So configuration of services is vital to manage between all the
services (Swathi & R, 2020).
Debugging- It becomes difficult to debug each services in microservices because of the multiple services.
Therefore, we need to solve it by centralized logging. It is one of the biggest challenges of microservices
architecture (Swathi & R, 2020).
Consistency- It becomes hard to maintain consistency as it requires decentralized approach in tools and
techniques to develop deploy and monitor the microservices (Swathi & R, 2020).
Independency- It is one of the major principles of a microservices model which means it is difficult to keep
the independency between each service so that each service cannot affect each other (Swathi & R, 2020).
Scalability- It is another important challenge in the microservices architecture because all the microservices
have its own database and no dependencies on each other (Swathi & R, 2020).
Other challenges include complexities of application, no proper testing and low fault tolerance. All these challenges
can be reduce by following mitigation strategies.
However despite of various challenges, there are various advantages of adopting microservices architecture as
compared to monolithic architecture which are discussed below as follows –
Figure 2 – Advantages of microservices architecture as compare to monolithic architecture
5
divided into small independent system. So configuration of services is vital to manage between all the
services (Swathi & R, 2020).
Debugging- It becomes difficult to debug each services in microservices because of the multiple services.
Therefore, we need to solve it by centralized logging. It is one of the biggest challenges of microservices
architecture (Swathi & R, 2020).
Consistency- It becomes hard to maintain consistency as it requires decentralized approach in tools and
techniques to develop deploy and monitor the microservices (Swathi & R, 2020).
Independency- It is one of the major principles of a microservices model which means it is difficult to keep
the independency between each service so that each service cannot affect each other (Swathi & R, 2020).
Scalability- It is another important challenge in the microservices architecture because all the microservices
have its own database and no dependencies on each other (Swathi & R, 2020).
Other challenges include complexities of application, no proper testing and low fault tolerance. All these challenges
can be reduce by following mitigation strategies.
However despite of various challenges, there are various advantages of adopting microservices architecture as
compared to monolithic architecture which are discussed below as follows –
Figure 2 – Advantages of microservices architecture as compare to monolithic architecture
5
Increase in efficiency- Adopting microservice s architecture in a complex projects increases the efficiency of
the projects and it can be maintained at stable level but in case of monolithic architecture there is less
efficiency in the stages of projects (Zhang et al., 2019).
Design of system- In microservices architecture model each service is independent. That’s why it leads to
low coupling and more cohesion which was not in the case of monolithic architecture (Zhang et al., 2019).
Expansion of system- In microservices architecture model each service runs in a different-different process
so it becomes easy to expand functions of a system according to the needs of the business (Zhang et al.,
2019).
Upgrade system- In micoservices architecture model each services module upgraded independently which
helps in improving the efficiency. In monolithic architecture one needs to understand the entire system
before doing any type of modifications which was a time consuming process (Zhang et al., 2019).
Project costs- In microservices architecture system project cost in the early and last stage remains relatively
flat but in case of monolithic architecture early cost of project is low but later it gets large (Zhang et al.,
2019).
Privacy and security issues due to challenges in Microservices architecture
There are also various security and privacy risks associated with the use of microservices architecture and also due t
their challenges many security risk arise which are discussed by me as follows-
Figure 3- Privacy and security risks
6
the projects and it can be maintained at stable level but in case of monolithic architecture there is less
efficiency in the stages of projects (Zhang et al., 2019).
Design of system- In microservices architecture model each service is independent. That’s why it leads to
low coupling and more cohesion which was not in the case of monolithic architecture (Zhang et al., 2019).
Expansion of system- In microservices architecture model each service runs in a different-different process
so it becomes easy to expand functions of a system according to the needs of the business (Zhang et al.,
2019).
Upgrade system- In micoservices architecture model each services module upgraded independently which
helps in improving the efficiency. In monolithic architecture one needs to understand the entire system
before doing any type of modifications which was a time consuming process (Zhang et al., 2019).
Project costs- In microservices architecture system project cost in the early and last stage remains relatively
flat but in case of monolithic architecture early cost of project is low but later it gets large (Zhang et al.,
2019).
Privacy and security issues due to challenges in Microservices architecture
There are also various security and privacy risks associated with the use of microservices architecture and also due t
their challenges many security risk arise which are discussed by me as follows-
Figure 3- Privacy and security risks
6
You're viewing a preview
Unlock full access by subscribing today!
Design and deployment- There is risk of losing control while building infrastructure and also risk of reducing
the visibility of the application parts (Besic, n.d. ).
Isolation and segmentation- The application which are decoupled do their work by co-dependence on other
services. And these components do communication via API and sometimes service communication is skipped
while testing stage so it creates security risk (Besic, n.d. ).
Identical management- To manage the users, applications and API it is to have an administrative interface
which will help in doing this task to know about the real time visibility of happenings in environment (Besic,
n.d. ).
Data management- The generated data in microservices architecture changes and interacted regularly. The
developers or owners of data assets should regularly monitor the dynamics of data because data is stored in
different- different places. If no proper management of data will be done then there are chances of data
leaks (Besic, n.d. ).
Rapid change of applications- Due to rapid development in applications, microservices remain under
constant workload. Developers should do security testing to enhance DevSecOps (Besic, n.d. ).
Large surface area- In microservices architecture an application communicate via API (Application
Programming Interfaces) and because of this attackers get more surface area to attack so that’s why due to
more complexity there are more chances of potential attack (Robinson, 2015).
Mitigation strategies to manage security and privacy risk
All the above mentioned security and privacy risks can be managed with or reduced by adopting various mitigation
strategies while developing an application. The mitigation strategies for reducing privacy and security risks are
discussed below as follows-
Figure 4- Mitigation strategies to manage security and privacy risks
7
the visibility of the application parts (Besic, n.d. ).
Isolation and segmentation- The application which are decoupled do their work by co-dependence on other
services. And these components do communication via API and sometimes service communication is skipped
while testing stage so it creates security risk (Besic, n.d. ).
Identical management- To manage the users, applications and API it is to have an administrative interface
which will help in doing this task to know about the real time visibility of happenings in environment (Besic,
n.d. ).
Data management- The generated data in microservices architecture changes and interacted regularly. The
developers or owners of data assets should regularly monitor the dynamics of data because data is stored in
different- different places. If no proper management of data will be done then there are chances of data
leaks (Besic, n.d. ).
Rapid change of applications- Due to rapid development in applications, microservices remain under
constant workload. Developers should do security testing to enhance DevSecOps (Besic, n.d. ).
Large surface area- In microservices architecture an application communicate via API (Application
Programming Interfaces) and because of this attackers get more surface area to attack so that’s why due to
more complexity there are more chances of potential attack (Robinson, 2015).
Mitigation strategies to manage security and privacy risk
All the above mentioned security and privacy risks can be managed with or reduced by adopting various mitigation
strategies while developing an application. The mitigation strategies for reducing privacy and security risks are
discussed below as follows-
Figure 4- Mitigation strategies to manage security and privacy risks
7
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Secure by design- Developers should make microservices secure by design from design of microservices to
deployment of microservices in short at every stage of production (Okta, n.d.).
Dependencies scan- Developer should regularly and thoroughly scan the applications for vulnerable
dependencies (Okta, n.d.).
Use HTTPS everywhere- This step is important to implement. And also attacks within your network are
important to mitigate. Transport Layer Security (TLS) ensures data integrity by encrypting the communication
over HTTP (Okta, n.d.).
Slow down attackers- The developers and security team must work together to monitor the application from
potential threats. Various monitoring tools can be used by developers such as InfluxDB and Pometheus.
Developers should regularly update the code to prevent any type of risks like unauthorized access (Okta,
n.d.).
Encrypt and protect secrets- There may be secreted related to API keys, client or credentials for using
application. Developer should secure the secrets by keeping them in environment variables and encrypt
them with the help of tools like Amazon KMS, HashiCorp Vault, etc. (Okta, n.d.).
Conclusion
At the end I would like to conclude that microservices architecture style is preferred by various industries and
researchers in various fields at present. This model was introduced to overcome the shortcomings of monolithic
architecture style. This model helps in splitting the larger system into smaller sub systems to reduce the complexity
and increase the efficiency. Furthermore, findings of my study shows that there are various challenges faced by an
organization while implementing microservices architecture model such as management of configuration, debugging,
consistency, independency and scalability. However, despite of so many challenges microservices architecture also
has benefits. The prominent benefits of microservice architecture model are efficiency increase, system design,
expansion of system, system upgrades and flat project cost. Also I found out that there are various security and
privacy risks while implementing microservices architecture such as Design, identical management, data
management, rapid changes in application and large surface area for attack due to high complexities. And at the end,
I suggested various mitigation strategies to avoid and manage these security and privacy risks such as developers
must secure the microservices by design, regularly scan for dependencies, and make use of HTTPS everywhere to
ensure data integrity, slow down the potential attackers by regularly monitoring the threats with the help of tools
such as InfluxDB, encrypt and protect the secrets by using various tools like Amazon KMS, HashiCorp Vault, and there
are various others mitigation strategies which can be used to reduce the security and privacy risk arises in the
process of implementing microservices architecture model.
8
deployment of microservices in short at every stage of production (Okta, n.d.).
Dependencies scan- Developer should regularly and thoroughly scan the applications for vulnerable
dependencies (Okta, n.d.).
Use HTTPS everywhere- This step is important to implement. And also attacks within your network are
important to mitigate. Transport Layer Security (TLS) ensures data integrity by encrypting the communication
over HTTP (Okta, n.d.).
Slow down attackers- The developers and security team must work together to monitor the application from
potential threats. Various monitoring tools can be used by developers such as InfluxDB and Pometheus.
Developers should regularly update the code to prevent any type of risks like unauthorized access (Okta,
n.d.).
Encrypt and protect secrets- There may be secreted related to API keys, client or credentials for using
application. Developer should secure the secrets by keeping them in environment variables and encrypt
them with the help of tools like Amazon KMS, HashiCorp Vault, etc. (Okta, n.d.).
Conclusion
At the end I would like to conclude that microservices architecture style is preferred by various industries and
researchers in various fields at present. This model was introduced to overcome the shortcomings of monolithic
architecture style. This model helps in splitting the larger system into smaller sub systems to reduce the complexity
and increase the efficiency. Furthermore, findings of my study shows that there are various challenges faced by an
organization while implementing microservices architecture model such as management of configuration, debugging,
consistency, independency and scalability. However, despite of so many challenges microservices architecture also
has benefits. The prominent benefits of microservice architecture model are efficiency increase, system design,
expansion of system, system upgrades and flat project cost. Also I found out that there are various security and
privacy risks while implementing microservices architecture such as Design, identical management, data
management, rapid changes in application and large surface area for attack due to high complexities. And at the end,
I suggested various mitigation strategies to avoid and manage these security and privacy risks such as developers
must secure the microservices by design, regularly scan for dependencies, and make use of HTTPS everywhere to
ensure data integrity, slow down the potential attackers by regularly monitoring the threats with the help of tools
such as InfluxDB, encrypt and protect the secrets by using various tools like Amazon KMS, HashiCorp Vault, and there
are various others mitigation strategies which can be used to reduce the security and privacy risk arises in the
process of implementing microservices architecture model.
8
References
Baskarada, S., Nguyen, V., & Koronios, A. (2018). Architecting Microservices: Practical Opportunitiesand Challenges.
Journal of Computer Information Systems , 1-9.
Besic, N. (n.d. ). The Top 5 Challenges of Microservices Security. Retrieved from Neura Legion:
https://www.neuralegion.com/blog/the-top-5-challenges-of-microservices-security/
Okta. (n.d.). 8 Ways to Secure Your Microservices Architecture. Retrieved from Okta:
https://www.okta.com/resources/whitepaper/8-ways-to-secure-your-microservices-architecture/
Robinson, R. M. (2015). Microservices Are Powerful, but Pose New Security Challenges. Retrieved from
SecurityIntelligence : https://securityintelligence.com/microservices-are-powerful-but-pose-new-security-
challenges/
Swathi, & R, R. (2020). MicroserviceArchitectural Style. International Research Journal of Engineering and Technology
, 7 (8), 1109-1112.
Zhang, H., Xu, Y., Cao, W., Xu, X., Zhou, C., & Liu, Y. (2019). Application and Practice of Microservice Architecture in
MultidimensionalElectronic Channel Construction. Journal of Physics: Conference Series , 1-5.
Zheng, L., & Wei, B. (2018). Application of microservice architecture in cloud environment project development.
MATEC Web of Conferences, 189, pp. 1-6.
9
Baskarada, S., Nguyen, V., & Koronios, A. (2018). Architecting Microservices: Practical Opportunitiesand Challenges.
Journal of Computer Information Systems , 1-9.
Besic, N. (n.d. ). The Top 5 Challenges of Microservices Security. Retrieved from Neura Legion:
https://www.neuralegion.com/blog/the-top-5-challenges-of-microservices-security/
Okta. (n.d.). 8 Ways to Secure Your Microservices Architecture. Retrieved from Okta:
https://www.okta.com/resources/whitepaper/8-ways-to-secure-your-microservices-architecture/
Robinson, R. M. (2015). Microservices Are Powerful, but Pose New Security Challenges. Retrieved from
SecurityIntelligence : https://securityintelligence.com/microservices-are-powerful-but-pose-new-security-
challenges/
Swathi, & R, R. (2020). MicroserviceArchitectural Style. International Research Journal of Engineering and Technology
, 7 (8), 1109-1112.
Zhang, H., Xu, Y., Cao, W., Xu, X., Zhou, C., & Liu, Y. (2019). Application and Practice of Microservice Architecture in
MultidimensionalElectronic Channel Construction. Journal of Physics: Conference Series , 1-5.
Zheng, L., & Wei, B. (2018). Application of microservice architecture in cloud environment project development.
MATEC Web of Conferences, 189, pp. 1-6.
9
You're viewing a preview
Unlock full access by subscribing today!
1 out of 9
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.