[WSO2Con EU 2018] Talk Microservices to Me: The Role of IAM in Microservices Architecture

  • By WSO2 Team
  • 8 Nov, 2018

Talk Microservices to Me: The Role of IAM in Microservices Architecture

play button

Talk Microservices to Me: The Role of IAM in Microservices Architecture

Prabath Siriwardena Vice President - Security Architecture, WSO2

Security by design is applicable to the microservices paradigm the same way it is applicable to any software architecture. Monolithic applications handle end user authentication and authorization in a central manner, but with microservices, each independent module has to perform necessary end user authentication and authorization along with validating service-to-service trust.

Adding to that, the granularity of these services, and frequent interactions between them make securing microservices more challenging. Using the same approach to solve security considerations of monolithic services is not applicable.

Moreover, current authentication and authorization protocols cannot directly address these requirements, so they need the flexibility of identity and access managers to adapt to the required changes.

In this session, Prabath will talk about the challenges of securing microservices, best practices to overcome them, and expectation of IAM in the microservices architecture.

Presenter

Prabath Siriwardena Vice President - Security Architecture, WSO2

Prabath has over 11 years of industry experience that currently involves providing security architecture solutions WSO2 key customers. He has spoken at several global user conferences and authored four books related to Apache Maven, enterprise integration, and API security. He is an Apache Axis2 PMC member and a member of OASIS Identity Metasystem Interoperability TC, OASIS eXtensible Access Control Markup Language TC, OASIS Security Services TC, OASIS Identity in the Cloud TC, and OASIS Cloud Authorization TC.