Downloads: 0 | Views: 56
Research Paper | Computer Science and Information Technology | United States of America | Volume 13 Issue 7, July 2024 | Rating: 4.5 / 10
Serverless Security: Best Practices for Protecting Functions-as-a-Service
Yamini Kannan
Abstract: This paper explores the unique security challenges and best practices associated with serverless computing, particularly Functions-as-a-Service (FaaS) architectures. It examines the ephemeral nature of serverless functions, the shared responsibility model, and the expanded attack surface that characterize these environments. The study delves into common security threats specific to serverless applications, including function event data injection, insecure deployment configurations, broken authentication and authorization, and sensitive data exposure. A comprehensive set of best practices for securing serverless functions is presented, focusing on implementing least privilege access, secure coding practices, data encryption, effective monitoring and logging strategies, and regular security audits. The paper also discusses future trends in serverless security, emphasizing the need for automated tools, advanced isolation techniques, and industry-wide security standards. Through case studies and expert insights, this research provides actionable recommendations for organizations adopting serverless architectures, aiming to balance the benefits of serverless computing with robust security measures.
Keywords: Serverless computing, Functions-as-a-Service (FaaS), Cloud security, Ephemeral functions, Shared responsibility model, Event-driven security, Least privilege access, Serverless deployment, Function isolation, Compliance in serverless environments
Edition: Volume 13 Issue 7, July 2024
Pages: 1190 - 1194