Federated attestation for secure microservice communication in a multi-cloud environment

Samarth Shah 1, * and Neil Choksi 2

1 University at Albany, Albany, NY 12222, United States.
2 California State University, Los Angeles, CA 90032, United States.
 
Review
World Journal of Advanced Engineering Technology and Sciences, 2023, 08(01), 440-458.
Article DOI: 10.30574/wjaets.2023.8.1.0019
Publication history: 
Received on 07 December 2022; revised on 24 January 2023; accepted on 26 January 2023
 
Abstract: 
The proliferation of microservices architectures in cloud environments necessitates robust security mechanisms to ensure the integrity and confidentiality of inter-service communication. Traditional security methods, such as centralized attestation and encryption, often struggle to scale effectively in multi-cloud deployments. Federated attestation presents a promising solution by enabling distributed trust models across different cloud providers, allowing microservices to authenticate and verify each other’s integrity without relying on a centralized authority. In a multi-cloud environment, where services may span across various cloud platforms with different security infrastructures, federated attestation facilitates secure and seamless communication between microservices, ensuring that each service instance is genuine and trustworthy. This paper explores the use of federated attestation protocols in securing microservice interactions in multi-cloud ecosystems. The approach leverages decentralized trust anchors to attest to the authenticity of microservices, enhancing resistance to man-in-the-middle attacks and ensuring compliance with security policies. We also investigate the performance overhead and scalability of federated attestation in real-world multi-cloud environments. Our findings highlight the effectiveness of federated attestation in securing microservice communication while minimizing latency and resource consumption, even in complex multi-cloud deployments. This approach provides a scalable solution to one of the key challenges in modern cloud-native architectures: maintaining trust and security across diverse, distributed environments. 
 
Keywords: 
Federated attestation; Secure microservice communication; Multi-cloud environment; Distributed trust; Authentication; Integrity verification; Decentralized trust anchors; Man-in-the-middle attacks; Cloud-native security; Scalability; Performance overhead; Cloud platforms
 