[Whitepaper] Securing microservice APIs
There are a number of techniques for controlling access to web APIs in a microservice architecture, including network controls, cryptographic methods, and platform-based capabilities. This paper proposes an API access control model that can be implemented on any one platform or across multiple platforms in order to provide cohesive security over a network of microservices.
This report consists of four sections:
- An overview of the microservices landscape, to set the context for the security model
- A survey of available security technologies and solutions that apply to microservice APIs
- A proposed model for securing microservice APIs
- 4. A conclusion that includes speculation on the future direction of microservice API security