Serverless computing: a security perspective

被引:12
作者
Marin, Eduard [1 ]
Perino, Diego [1 ]
Di Pietro, Roberto [2 ]
机构
[1] Telefon Res, Barcelona, Spain
[2] Hamad Bin Khalifa Univ HBKU, Coll Sci & Engn CSE, Informat & Comp Technol ICT, Doha, Qatar
来源
JOURNAL OF CLOUD COMPUTING-ADVANCES SYSTEMS AND APPLICATIONS | 2022年 / 11卷 / 01期
关键词
Cloud computing; Serverless computing; Security; Threat models; Vulnerabilities; Architectures;
D O I
10.1186/s13677-022-00347-w
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
In this article we review the current serverless architectures, abstract and categorize their founding principles, and provide an in-depth security analysis. In particular, we: show the security shortcomings of the analyzed serverless architectural paradigms; point to possible countermeasures; and, highlight several research directions for practitioners, Industry, and Academia.
引用
收藏
页数:12
相关论文
共 46 条
[1]  
[Anonymous], 2021, EVENT INJECTION PROT
[2]  
[Anonymous], 2021, GONE 60 MILLISECONDS
[3]  
[Anonymous], 2019, HACKING SERVERLESS R
[4]  
[Anonymous], 2021, AZURE SERVERLESS MIC
[5]  
[Anonymous], 2021, The minimum elements for a software bill of materials
[6]  
[Anonymous], 2021, KATA CONTAINERS
[7]  
[Anonymous], 2021, AWS LAMBDA REUSES CO
[8]  
[Anonymous], 2021, OWASP SERVERLESS TOP
[9]  
[Anonymous], 2021, SERVERLESS COMPUTING
[10]  
[Anonymous], 2021, AWS SERVERLESS APPL
12345