Security has become paramount in modern software services as more and more security breaches emerge, impacting final users and organizations alike. Trends like the Microservice Architecture bring new security challenges related to communication, system design, development, and operation. The literature presents a plethora of security-related solutions for microservices-based systems, but the spread of information difficult practitioners' adoption of novel security related solutions. In this study, we aim to present a catalogue and discussion of security solutions based on algorithms, protocols, standards, or implementations; supporting principles or characteristics of information security, considering the three possible states of data, according to the McCumber Cube. Our research follows a Systematic Literature Review, synthesizing the results with a meta-aggregation process. We identified a total of 30 primary studies, yielding 75 security solutions for the communication of microservices.
翻译:在现代软件服务中,随着越来越多的安全漏洞的出现,安全在现代软件服务中变得至高无上,对最终用户和组织都产生了影响。微服务结构等趋势带来了与通信、系统设计、开发和操作有关的新的安全挑战。文献为微观服务系统提供了大量与安全有关的解决方案,但信息从业者却难以采用新的安全解决方案。在这项研究中,我们的目标是根据算法、规程、标准或实施,提交一份安全解决方案目录和讨论;支持信息安全的原则或特征,根据McCumber Cube的数据,考虑到三种可能的数据状况。我们的研究遵循系统文学审查,将结果与元集成过程结合起来。我们共确定了30项主要研究,为微观服务通信提供了75项安全解决方案。