%0 Conference Proceedings
%T Low-Level Exploitation Mitigation by Diverse Microservices
%+ University of Bergen (UiB)
%A Otterstad, Christian
%A Yarygina, Tetiana
%Z Part 2: Microservices and Containers
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 6th European Conference on Service-Oriented and Cloud Computing (ESOCC)
%C Oslo, Norway
%Y Flavio De Paoli
%Y Stefan Schulte
%Y Einar Broch Johnsen
%I Springer International Publishing
%3 Service-Oriented and Cloud Computing
%V LNCS-10465
%P 49-56
%8 2017-09-27
%D 2017
%R 10.1007/978-3-319-67262-5_4
%K Security
%K Software diversity
%K Design patterns
%K Robustness
%Z Computer Science [cs]Conference papers
%X This paper discusses a combination of isolatable microservices and software diversity as a mitigation technique against low-level exploitation; the effectiveness and benefits of such an architecture are substantiated. We argue that the core security benefit of microservices with diversity is increased control flow isolation. Additionally, a new microservices mitigation technique leveraging a security monitor service is introduced to further exploit the architectural benefits inherent to microservice architectures.
%G English
%Z TC 2
%Z WG 2.14
%2 https://inria.hal.science/hal-01677618/document
%2 https://inria.hal.science/hal-01677618/file/449571_1_En_4_Chapter.pdf
%L hal-01677618
%U https://inria.hal.science/hal-01677618
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-ESOCC
%~ IFIP-TC2
%~ IFIP-WG2-14
%~ IFIP-LNCS-10465