July 2, 2019

Securing Microservices in the Cloud

Securing microservices is a tall order. As with anything else in software development, there are a lot of things to take into consideration when deciding how to secure them. There is no panacea for all threats. And even if one existed, securing every service to the highest level with a single mechanism would be overkill that hurts other non-functional requirements (performance and scale).

So what are some of the things to take into account for security? The answer to that would be to ask yourself the following questions:
  • Who are the direct consumers of the service? Is your service external-facing and exposed to the internet, or just an internal service?
    • The API Gateway pattern is a very popular pattern for securing edge services by handling authentication and service discovery. Each external request is signed, which provides an additional layer of authentication.
    • For internal services, isn't firewall and OS-layer security good enough? In the case of containerized applications, aren't minimalist container base images, which cut the fat and keep just enough processes/programs enabled, good enough to keep things secure on top of your network firewall? The Alpine editions of Linux images, for instance, don't even include the curl program, removing the possibility of curling a remote service from the terminal.
    • It is important to keep in mind that with a microservices architecture there are often more attack paths than in a monolithic architecture. Play the devil's advocate.
  • What data does the service expose? Open or closed?
    • How sensitive or confidential is your data? What do you stand to lose if this data leaks?
    • Do you really want to secure a service that is, for instance, serving weather data for a location, a catalog of your products, traffic data for a location, etc.?
  • What is the tolerance to data staleness? Or how fresh or real-time do you want the data to be?
    • How real-time does the data you are looking for need to be?
    • At what rate does the data change?
    • What is the volume of these requests?
  • How frequently is your service accessed and at what volume?
    • Put another way, what is the performance requirement for your service in terms of latency (the time it takes to process a request) and throughput (the number of requests handled per second)?
  • What kind of attack are you preparing your defenses for? Eavesdropping, Man-in-the-middle (MITM), SQL injection, Cross-Site Request Forgery (CSRF), Denial-of-Service (DoS), etc.
    • The medicine depends on the illness. What security measures are to be taken depends on what threats we are attempting to thwart.
All the above questions together have an effect on what you secure and how you secure it. You should identify any risk boundaries first. Then you can create security boundaries that match. Each boundary can then be secured by whatever method is best. Some might only need to be restricted by which addresses are allowed through (firewall); others might need additional token- or certificate-based security.
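
To make the boundary idea concrete, here is an added example (not code from this blog) of a gateway-style check that applies a different control per boundary: no check for open data, a source-address allowlist for an internal service, and a signed, time-limited request for an external one. The service names, networks, key and the `authorize`/`sign` helpers are all assumptions made up for illustration.

```python
import hashlib
import hmac
import ipaddress

# Constructed policy table: service names, networks and key are illustrative.
POLICY = {
    "weather": {"boundary": "open"},
    "inventory": {"boundary": "internal", "allow": ["10.20.0.0/16"]},
    "payments": {"boundary": "external", "key": b"demo-key-not-for-production"},
}
MAX_SKEW = 300  # seconds a signed request stays valid


def sign(key, method, path, ts, body):
    """HMAC-SHA256 over the request parts the gateway needs to trust."""
    msg = b"\n".join([method.encode(), path.encode(), str(ts).encode(), body])
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def authorize(service, src_ip, method, path, body=b"", ts=0, sig="", now=0):
    """Return (allowed, reason) for one request against the service's boundary."""
    rule = POLICY.get(service)
    if rule is None:
        return (False, "unknown service")  # default deny for unclassified services
    if rule["boundary"] == "open":
        return (True, "open data")
    if rule["boundary"] == "internal":
        addr = ipaddress.ip_address(src_ip)
        if any(addr in ipaddress.ip_network(net) for net in rule["allow"]):
            return (True, "source allowed")
        return (False, "source not in allowlist")
    # External boundary: the source address proves nothing, so require a
    # fresh timestamp and a valid signature over the request contents.
    if abs(now - ts) > MAX_SKEW:
        return (False, "stale timestamp")
    expected = sign(rule["key"], method, path, ts, body)
    if not hmac.compare_digest(expected, sig):
        return (False, "bad signature")
    return (True, "signature valid")
```

The cheap address check and the more expensive signature check live side by side, so only the services whose data classification demands it pay the extra cost.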

Classifying systems and data is so damn boring, but it is a vital thing to do to get your overall systems right.


June 28, 2019

Understanding Open Conversation By Example


An example of a recent conversation I have had with my team member(s):
* TM : Team Member

When I was having open conversation with one of the team members (let's call him TM1), this time around in the presence of other team members for transparency's sake, another (let's call him TM2) quickly pitches in to interject:
TM2: Hey Karthik, why have such serious conversations and be hard on him? Just chill out guys.
Me (Turning to him): You are making judgement so quickly. Hmm..Have you been listening to this conversation from the beginning?
TM2: No
Me: Do you have the context of the subject we are talking about?
TM2: No
Me: Then on what basis are you advising?
TM2: Because he is my friend.
Me: Neither he is my enemy nor you. You should park your friendship outside of this room. This room is about business, about delivery and not who is what to who. Do we understand each other?
TM2: Hmm..I'm not sure.
Me: Phew! Now allow me to finish my conversation with him without your intervention. And let's discuss post this, maybe when you go out for a smoke. Deal?
TM2: Ok.

One of the challenges of #consulting and #leadership is that you got to lead by example all throughout. You make mistakes for sure but don't compromise on your value system of openness and integrity. If it means having difficult and hard conversations, you do it.

You don't attempt to win quickly (by demanding respect). You play the long term game (to earn the respect that you deserve).

Now your turn: Have you ever had a hard conversation? How have you handled it? Want to share your story, so I can pick something out of it? Pen your thoughts now..


May 15, 2019

What is -O- option in wget?

The Quick Answer


  • The -O flag is the short notation for the --output-document flag in the wget command-line utility.
  • The hyphen - after the flag denotes STDOUT.

Thus, wget -O- www.codonomics.com or wget -O - www.codonomics.com prints the result returned from that URL to your terminal output or STDOUT.

Learn By Example


  • wget www.codonomics.com (no -O flag) writes the output to the index.html file
  • wget -O custom.txt www.codonomics.com writes the output to your custom.txt file as mentioned
  • wget -O - www.codonomics.com writes the output to your terminal's STDOUT


April 5, 2019

What does a woman want from a man most?


The Story


King Harshavardhan was defeated in the battle.

He was handcuffed and taken to the winner king. At that time the winner king was in a happy mood.

The king kept a proposal for Harshavardhan and said, “If you can answer me a question correctly I will return your kingdom or else leave aside the kingdom, you shall have to remain a prisoner for the rest of your life in my country.”

“The question is, 'What does a woman want from her man?' You will get a month of time to give the answer.”

Harshavardhan accepted the King's proposal.

April 3, 2019

Essential ProTips For Great Life

  1. For a new boost of energy just have a cold shower.
  2. 90% of foods can be eaten raw. Eating raw food can prolong your life.
  3. Always take the stairs, especially if your office is on the first, second, third up to fifth floor. Sixth floor you’ll be sweating hard. There’s no exercise more rigorous and engaging like climbing stairs.
  4. Help out other people who need help and earn their credit for future reciprocity.
  5. Learn something every single day.
  6. Don’t study just to pass exams. Study to improve yourself.
  7. Learn public speaking. Knowing how to speak in public is like getting a key to get into people’s minds.
  8. Use social media to connect with social friends who can be turned into customers rather than for amusement.
  9. Unlearn all the junk you have in your brain and replace it with new knowledge that can take you to the next level.
  10. You are an average of 5 people you are with. So, find 5 people who have more knowledge than you and become the average of them.
  11. Seek ways to improve yourself daily intellectually, professionally, physically, mentally and spiritually.
  12. Avoid smoking, drugs, alcohol and porn. All these substances and habits have the same properties that will only impair your brain, clog your memory and destroy your mind.
  13. Don’t forget to give credit where credit is due, and praise where it deserves.
  14. Replace your entertainment time with education.
  15. Drink at least eight glasses of water each day.
  16. Spend at least an hour daily doing physical exercise and meditation to improve your body, spirit and mind.
  17. Become time-conscious and strictly optimize your time towards your goal.
  18. Become money-conscious and do not be ashamed to charge a fee for every service rendered if the beneficiary can afford it.
  19. Don’t shout at people. When people raise their voice, lower your own. This is the most effective way to win a verbal exchange.
  20. Never engage in physical fights. You might end up in jail. Besides, there are many ways to win a battle.
  21. When walking in the streets walk faster than everybody else without inconveniencing anyone. This improves your thinking capacity and judgment. Besides, you become a difficult target for muggers and thieves.