Thursday, 4 May 2017

Security-oriented Architecture

Split your monoliths into myriad services and suddenly your established security boundaries fizzle into non-existence.

I would assert that all services need to think about security, namely:
  • authentication: who is calling me?
  • authorisation: are they allowed to call me?  are they allowed to request this particular data?
  • validation: is the message valid?
  • confidentiality: is my sensitive data secure?  what is sensitive data?
  • integrity: how do I know the request has not been tampered with?
  • non-repudiation: how do I know the request came from a legitimate source
Yes, all services, even the internal ones.  Don't think of hackers as spotty teenage opportunists.  Think of  them as sophisticated criminal organisations that spend millions on stealing precious corporate data, or threatening brands with ransom attacks.  Loyal as I'm sure your staff are, are they immune to greed, revenge or blackmail?

That's not to say you might not answer the questions above differently for internal services, as opposed to edge-facing ones, but consider these issues you must.


Share: