CR · Jun 17, 2021

Enabling Security-Oriented Orchestration of Microservices

arXiv:2106.09841v1 · 2 citations
Originality: Incremental advance
AI Analysis

This paper addresses the security and isolation challenges that developers and cloud providers face in microservices orchestration; it is an incremental advance that integrates existing frameworks rather than introducing a new mechanism.

The paper tackles the problem of ensuring tenant isolation for untrusted microservices in multi-tenant cloud environments by proposing a security policy framework that enables orchestrators to enforce high-level security requirements at deployment time, demonstrated with a proof-of-concept using Private Data Objects to check code provenance.

As cloud providers push multi-tenancy to new levels to meet growing scalability demands, ensuring that externally developed untrusted microservices will preserve tenant isolation has become a high priority. Developers, in turn, lack a means for expressing and automatically enforcing high-level application security requirements at deployment time. In this paper, we observe that orchestration systems are ideally situated between developers and the cloud provider to address these issues. We propose a security policy framework that enables security-oriented orchestration of microservices by capturing and auditing code properties that are incorporated into microservice code throughout the software supply chain. Orchestrators can leverage these properties to deploy microservices on a node that matches both the developer's and cloud provider's security policy and their resource requirements. We demonstrate our approach with a proof-of-concept based on the Private Data Objects [1] confidential smart contract framework, deploying code only after checking its provenance.
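To make the abstract's scheduling decision concrete, here is an added toy orchestrator that is not part of the paper or its proof-of-concept: it verifies a code-provenance attestation, checks the workload's supply-chain properties against the provider's policy, and then picks a node that satisfies the developer's policy and the resource request. The attestation is modelled as an HMAC tag from a trusted builder (a stand-in for the Private Data Objects ledger); the builder name, key, node labels and policies are constructed for the example.

```python
import hashlib, hmac, json

# Illustration, not the paper's code: provenance is an HMAC tag from a trusted builder over
# the image digest AND its supply-chain properties (a stand-in for the Private Data Objects
# ledger). Binding the properties matters, else a workload could self-assert "reviewed".
TRUSTED_BUILDERS = {"ci-builder": b"constructed-demo-key"}  # hypothetical builder and key

def _payload(digest, properties):
    return json.dumps({"digest": digest, "properties": properties}, sort_keys=True).encode()

def attest(builder, digest, properties):
    """Builder side: tag the code digest together with its audited properties."""
    return hmac.new(TRUSTED_BUILDERS[builder], _payload(digest, properties), hashlib.sha256).hexdigest()

def provenance_ok(manifest):
    """Orchestrator side: accept only code a trusted builder vouches for, unmodified."""
    key = TRUSTED_BUILDERS.get(manifest["builder"])
    if key is None:
        return False
    expected = hmac.new(key, _payload(manifest["digest"], manifest["properties"]), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, manifest["attestation"])

def satisfies(required, offered):
    """Every required key must be present in the offer with the same value."""
    return all(offered.get(k) == v for k, v in required.items())

def select_node(manifest, dev_policy, provider_policy, nodes):
    """First node meeting developer policy (node labels), provider policy (code
    properties) and resource needs; None when provenance or either policy fails."""
    if not provenance_ok(manifest) or not satisfies(provider_policy, manifest["properties"]):
        return None
    for node in nodes:
        fits = node["free_cpu"] >= manifest["cpu"] and node["free_mem_mb"] >= manifest["mem_mb"]
        if fits and satisfies(dev_policy, node["labels"]):
            return node["name"]
    return None

# Constructed inputs: developer wants SGX in the EU; provider runs external code only if reviewed and memory safe.
DEV_POLICY = {"tee": "sgx", "region": "eu"}
PROVIDER_POLICY = {"reviewed": True, "memory_safe": True}
NODES = [
    {"name": "n1-shared", "labels": {"tee": "none", "region": "eu"}, "free_cpu": 8, "free_mem_mb": 16384},
    {"name": "n2-sgx", "labels": {"tee": "sgx", "region": "eu"}, "free_cpu": 1, "free_mem_mb": 4096},
    {"name": "n3-sgx", "labels": {"tee": "sgx", "region": "eu"}, "free_cpu": 4, "free_mem_mb": 8192},
]
PROPS = {"reviewed": True, "memory_safe": True, "language": "rust"}
MANIFEST = {"digest": "sha256:constructed-digest", "builder": "ci-builder", "properties": PROPS,
            "attestation": attest("ci-builder", "sha256:constructed-digest", PROPS), "cpu": 2, "mem_mb": 1024}

if __name__ == "__main__":
    print(select_node(MANIFEST, DEV_POLICY, PROVIDER_POLICY, NODES))  # n3-sgx: n1 lacks SGX, n2 lacks CPU
```

A manifest whose digest or properties were altered after attestation fails `provenance_ok`, while honestly attested but unreviewed code passes provenance and is still refused by the provider policy.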
