COMPUTER NETWORKS GROUP - NETGROUP
Zero-Trust Architectures and their implementation using Service Meshes
Thesis in external company
Reference persons RICCARDO SISTO
Thesis type THEORETICAL/EXPERIMENTAL
Description With the diffusion of the new microservices-based development paradigm, the new need of securing microservices in their ecosystems arises, not only with respect to the incoming traffic (load balancing, rate-limiting, authentication and authorization policies), but also internally (intra-pod security). As the complexity of business logic entails multi-team management of microservices, it is necessary to segregate traffic in between specific microservices by means of proper security logic. At the same time, companies are more and more interested in the multi-cloud approach, i.e., the distributed deployment of their workflows on more Cloud Service Providers. This approach, however, opens several security-related challenges. Both these security issues can be addressed by developing zero-trust architectures which can be implemented using a Service Mesh, a software layer that enables security and observability logics (traffic encryption between certain services, route definition, etc.) in a cluster of microservices. The thesis goal can be one of the following two ones:
1. Find efficient ways of implementing the multi cloud with and zero trust architectures by means of service meshes
2. Evaluate Ambient Meshes as an alternative to classical Service Meshes for the implementation of zero trust architectures in a multi-team environment
The detailed goals of the thesis will be defined by discussing with the candidate.
The thesis will be developed within an internship in the Blue Reply company.
Required skills Programming, scripting, networking, cybersecurity
Deadline 23/02/2023 PROPONI LA TUA CANDIDATURA