Workflow Integration Alleviates Identity and Access Management in Serverless Computing
Arnav Sankaran, Pubali Datta, Adam Bates
Abstract
As serverless computing continues to revolutionize the design and deployment of web services, it has become an increasingly attractive target to attackers. These adversaries are developing novel tactics for circumventing the ephemeral nature of serverless functions, exploiting container reuse optimizations and achieving lateral movement by “living off the land” provided by legitimate serverless workflows. Unfortunately, the traditional security controls currently offered by cloud providers are inadequate to counter these new threats.
Topics & Concepts
Cloud computingComputer scienceWorkflowSoftware deploymentEphemeral keyReuseComputer securityContainer (type theory)MicroservicesSoftware engineeringOperating systemDatabaseEngineeringMechanical engineeringWaste managementSecurity and Verification in ComputingCloud Data Security SolutionsBlockchain Technology Applications and Security