Istio is an open platform that provides a seamless way to connect, manage, and secure microservices. It supports the traffic flows management between microservices, enforcing access policies and aggregating telemetry data, all without requiring changes to the services source code. It works by defining a special sidecar proxy added on each service that intercepts all the network communication between them, offering the following features:
MicroProfile is a base platform of specifications and APIs that optimize the Java Enterprise ecosystem for a microservices architecture offering portability for different implementations through different implementations. It was launched in 2016 in an initiative of some Java EE vendors (Red Hat, Payara, Tomitribe, IBM) and Java User Groups (SouJava and London Java Community) whose main goal was to bring innovations faster to the Java Enterprise environment. It is currently in version 2.1 supported by the Java EE 8 platform and includes the following specifications:
Microservices have become the hottest topic in software architecture over the past years, and much can be said about their benefits. But there are many challenges related to how to secure them, specially because they are typical distributed systems and most of them are exposed over the Internet using standard Web protocolos and standards, such as REST APIs. And REST itself does not define any specific security procedures and they are pretty exposed as any other Web application vulnerable to many type of issues, such as injection attacks, replay attacks, cross-site scripting, denial of service, man-in-the-middle, etc.
This post will…
Brazilian, Software Developer helping other developers to learn the new cutting edge development technologies. Oracle Dev Champion and GroundBreaker Ambassador.