AUTHNZ — Authentication and Authorization in Micro-Service Architecture

AUTHNZ — Authentication and Authorization in Micro-Service Architecture

摘要

In this article, we are going to look at the Authentication and Authorization(AUTHNZ) system in a distributed microservice architecture of one of India’s leading fashion e-commerce destinations, Myntra. The highly dynamic and elastic environment broke accepted perimeter security concepts, requiring better service level interaction that was agnostic of the underlying network. As organizations adopt new technologies, such as containers, microservices, cloud computing, and serverless functions, one trend is clear: there are a larger number of smaller pieces of software. This both increases the number of potential vulnerabilities that an attacker can exploit, and also makes managing perimeter defenses increasingly impractical, thus making the Zero trust policy an integral part of the solution.