💡 Microservices: Security

📑 Microservice Security Foudations

📑 Identity Management and Access Control

IAM platform

Identity and access management (IAM) is a framework of business processes, policies and technologies that facilitates the management of electronic or digital identities. With an IAM framework in place, information technology (IT) managers can control user access to critical information within their organizations.

• One Time Pin, OTP
• Identity Store: DB, LDAP, Third-Party
• Identity

📑 Token-Based Security and Standards

• JSON Web Token

  • Header: Algorithm and Token Type
  • Payload: meta-Data
  • Singature: Verfication

• Access Token, Refresh token, ID token

• OAuth 2 primer(入门): Resource Owner, Resource Server, Authorization Server, Client

📑 Security between Microservices

📑 Application and Container Security

• Run authentication Docker Container
• Vault Agent: 保险柜代理

📑 Appendix

• IAM Platform, API Gateway
• on-premises: 本地
• monetization: 营利
• assume, assumption: 假设
• complimentary: 免费
• compliance: 合规, 承诺
• Artifact Repository: 人工品, orchestrator storage: 协调器存储
• Boundary Standard, Interact Rules
• BFF, API Gateway, DMZ, Reverse Proxy

• Pair:

  • Nginx (File Server, Static Resource Provides)
  • BFF Server (ExpressJs, JWT)