Information and Communication Security Mechanisms For Microservices-based Systems

TL;DR

This paper systematically reviews security solutions for microservices-based systems, categorizing 75 solutions across data states to aid practitioners in understanding and adopting effective security mechanisms.

Contribution

It provides a comprehensive catalogue and discussion of 75 security solutions tailored for microservices communication, based on a systematic literature review.

Findings

75 security solutions identified for microservices communication

Solutions cover all three data states in the McCumber Cube

The study aids practitioners in understanding security options

Abstract

Security has become paramount in modern software services as more and more security breaches emerge, impacting final users and organizations alike. Trends like the Microservice Architecture bring new security challenges related to communication, system design, development, and operation. The literature presents a plethora of security-related solutions for microservices-based systems, but the spread of information difficult practitioners' adoption of novel security related solutions. In this study, we aim to present a catalogue and discussion of security solutions based on algorithms, protocols, standards, or implementations; supporting principles or characteristics of information security, considering the three possible states of data, according to the McCumber Cube. Our research follows a Systematic Literature Review, synthesizing the results with a meta-aggregation process. We identified a total of 30 primary studies, yielding 75 security solutions for the communication of microservices.