Containers and microservices have revolutionized application development and infrastructure management. They have also introduced new security challenges without solving the old ones. What are some of the new security challenges, and what can you do about them?
New technologies, new challenges
Microservices are changing everything. Immutable infrastructure, share-nothing architecture, and containerized applications (microservices) are the focus of most of the enterprise roadmaps today. Microservices provide a way of exposing a business functionality in a small, autonomous, and self-sustainable capacity, performing a unit task within a given scope of business context. These are typically exposed in the form of APIs (application programming interfaces) running inside a virtual machine, running inside a container, or even running on bare metal.
While the advantages of containerization are manifold, it also introduces a new set of challenges. Some of the immediate challenges are monitoring containers, container crawl, container security, track and trace of microservices, and image provenance.
So what is the impact on security in a microservice landscape? Security challenges that exist in a monolithic application landscape still exist and need to be addressed as usual. In addition, we need to consider additional security challenges introduced by microservices and container technologies.
From a security perspective, the attack surface has increased considerably in a microservice world compared to a monolithic application. With more deployable units and endpoints being exposed, the probability of a security attack on these endpoints has also increased, along with integrity issues.
In addition, base Docker images may contain security vulnerabilities which could harm the microservices. Hence Docker image provenance should be managed to ensure the authenticity of base Docker images. The propagation of security updates and patches with minimum downtime to all existing containers is yet another challenge.
DevOps can introduce more stress on security needs in a microservices world. Continuous build and deployment tools currently focus on streamlining the delivery process, though not much focus is put on Secured DevOps.
Best practices
To counter a few of the above challenges, let us look at the following best practices. As part of an effective DevOps strategy, continuous security and auditing steps should be integrated into the DevOps pipeline. Continuous testing should include various security testing features and image integrity verification should be integrated into the pipeline. Further, private registries can ensure the images are trusted and governed within the enterprise.
Monitoring should be enhanced with anomaly-detection mechanisms to detect any spurious resource utilization or unusual events with the containers, and all monitoring capabilities should be strengthened with both agent-based and agentless processes. Patch management should be updated and improved to ensure that containers are patched with the latest updates while ensuring minimum downtime.
Docker has introduced an image provenance mechanism called Notary, which is based on TUF (The Update Framework, used in typical software distribution and updates). Because Notary is still in its evolutionary phase, not many container orchestrators support it at this time. Notary also requires a mature key management process in the enterprise.
Security between microservices is another key area where attacks can occur, and an API Gateway can be effectively leveraged in this situation. Traditional PKI-based message security is not a scalable option. Instead, take a look at the JWT (JSON Web Token) approach. A JWT is an encoded token carrying a set of assertions about the requestor. The token is usually signed by an Identity Server, and the signature can be verified by the recipient system. A JWT can also be encrypted in order to maintain the confidentiality and integrity of the assertions (it is then called a JWE).
All too often, security is an (expensive and difficult) afterthought. Make it a fundamental feature of your microservices infrastructure for the best security and performance.