Consider an example of an e-commerce store. Let’s assume it is built
using a “microservice” architecture with functionality broken into
small, discrete components. Even if product and user information is
held in the same database, different microservices might each be
granted access to only the appropriate parts of that database. A
product-search microservice needs read-only access to the product
tables, but nothing more. If this microservice somehow gets com‐
promised, or simply has a bug, the broken service can’t overwrite
product information (because it has only read access) or extract user
information (because it has no access to that data at all). Applying
the principle of least privilege means that we make it more difficult
for an attacker to cause damage.
Microservices, as defined by Martin Fowler, are a par‐
ticular design of software apps, essentially a collection
of independently deployable services.
The same principle can apply to humans too. In some organizations,
sharing production credentials with all staff may make sense. In oth‐
ers, it’s critical that only a small set of people have access, especially
if that access is to sensitive information such as medical or financial
records.
Limiting the Attack Surface
The attack surface is the set of all possible ways a system can be
attacked. The more complex the system, the bigger the attack sur‐
face, and therefore the more likely it is that an attacker will find a
way in.
Consider our castle metaphor again: the longer the length of the cas‐
tle walls, the more archers we would need to patrol them effectively.
A circular castle will be most efficient from this point of view; a
complicated shape with lots of nooks and crannies would need more
archers for the same interior volume.
In software systems, the fundamental way to reduce the attack sur‐
face is to minimize the amount of code. The more code that’s
present in the system, the more likely it is that it has vulnerabilities.
The greater the complexity, the more likely that latent vulnerabilities
exist, even in well-tested code.
4 | Chapter 1: Approaching Kubernetes Security
剩余84页未读,继续阅读
Wangcy.
- 粉丝: 46
- 资源: 11
我的内容管理
展开
最新资源
- 多模态联合稀疏表示在视频目标跟踪中的应用
- Kubernetes资源管控与Gardener开源软件实践解析
- MPI集群监控与负载平衡策略
- 自动化PHP安全漏洞检测:静态代码分析与数据流方法
- 青苔数据CEO程永:技术生态与阿里云开放创新
- 制造业转型: HyperX引领企业上云策略
- 赵维五分享:航空工业电子采购上云实战与运维策略
- 单片机控制的LED点阵显示屏设计及其实现
- 驻云科技李俊涛:AI驱动的云上服务新趋势与挑战
- 6LoWPAN物联网边界路由器:设计与实现
- 猩便利工程师仲小玉:Terraform云资源管理最佳实践与团队协作
- 类差分度改进的互信息特征选择提升文本分类性能
- VERITAS与阿里云合作的混合云转型与数据保护方案
- 云制造中的生产线仿真模型设计与虚拟化研究
- 汪洋在PostgresChina2018分享:高可用 PostgreSQL 工具与架构设计
- 2018 PostgresChina大会:阿里云时空引擎Ganos在PostgreSQL中的创新应用与多模型存储
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
