ECSA 2024
Tue 3 - Fri 6 September 2024 Luxembourg, Luxembourg
Fri 6 Sep 2024 15:00 - 15:25 at Hollenfels - Technical Session 10: Trustworthiness Chair(s): Barbora Buhnova

IoT application providers increasingly use MicroService Ar- chitecture (MSA) to develop applications that convert IoT data into valuable information. The independently deployable and scalable nature of microservices enables dynamic utilisation of edge and cloud resources provided by various service providers, thus improving performance. How- ever, IoT data security should be ensured during multi-domain data processing and transmission among distributed and dynamically com- posed microservices. The ability to implement granular security controls at the microservices level has the potential to solve this. To this end, edge-cloud environments require intricate and scalable security frame- works that operate across multi-domain environments to enforce various security policies during the management of microservices (i.e., initial placement, scaling, migration, and dynamic composition), considering the sensitivity of the IoT data. To address the lack of such a frame- work, we propose an architectural framework that uses Policy-as-Code to ensure secure microservice management within multi-domain edge- cloud environments. The proposed framework contains a “control plane” to intelligently and dynamically utilise and configure cloud-native (i.e., container orchestrators and service mesh) technologies to enforce secu- rity policies. We implement a prototype of the proposed framework using open-source cloud-native technologies such as Docker, Kubernetes, Istio, and Open Policy Agent to validate the framework. Evaluations verify our proposed framework’s ability to enforce security policies for distributed microservices management, thus harvesting the MSA characteristics to ensure IoT application security needs

Fri 6 Sep

Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change

15:00 - 15:30
Technical Session 10: TrustworthinessResearch Papers at Hollenfels
Chair(s): Barbora Buhnova Masaryk University
15:00
25m
Full-paper
Towards Secure Management of Edge-Cloud IoT Microservices using Policy as CodeResearch Paper
Research Papers
Samodha Pallewatta CREST, The University of Adelaide, Adelaide, Australia, Muhammad Ali Babar School of Computer Science, The University of Adelaide