SECURING CLOUD-NATIVE APPLICATIONS: A HOLISTIC APPROACH
Keywords:
Cloud-Native Security, Zero Trust Architecture, Container Image Scanning, Microservices Security, Continuous Threat Intelligence
Abstract
This comprehensive article explores the multifaceted approach required for securing cloud-native applications in today's rapidly evolving technological landscape. It delves into the unique security challenges posed by microservices, containers, and serverless architectures, highlighting the inadequacies of traditional perimeter-based defenses in these dynamic environments. The paper presents a detailed analysis of best practices, including runtime protection, container image scanning, zero trust networking, and the implementation of the least privilege principle. It emphasizes the critical need for continuous learning and adaptability in security strategies, discussing the importance of threat intelligence, security automation, and the ability to swiftly adapt to cloud provider changes. Furthermore, the article examines emerging trends in cloud-native security, such as the integration of artificial intelligence and machine learning, the advent of quantum-safe cryptography, and the shift toward identity-centric security paradigms. By providing a holistic view of current practices and future directions, this paper serves as a valuable resource for organizations seeking to enhance their security posture in cloud-native environments, offering insights into the complex interplay between technological innovation and security imperatives in the cloud era.