A Look at Backup Ninja’s Microservices Security

A Look at Backup Ninja’s Microservices Security

Profile picture for user AndrewAbwoga
Andrew Abwoga
28 April 2020

In a DevOps world, shift left security is a practice that is highly recommended to tackle application security issues. The practice of shifting left enables security and application teams find security defects way earlier in the application development lifecycle which translates to bolting on security way earlier in the application lifecycle. Also, with the use of microservice architectures there is a greater opportunity to identify and tackle security issues earlier on in the development lifecycle, also, easily reduce your security debt as you progress towards developing more features for your application and leverage common security design principles to create a watertight application design. Backup Ninja makes use of microservice constructs like gRPC and protocol buffers for secure microservices communications as we are about to see.

Microservice Communications

Typically, a microservices architecture will have different application components communicating with each other. Components normally expose application programming interfaces (API) as a server or they will consume an API as a client. The communication protocols used can vary. In some architectures, microservices may be designed to communicate using Restful JSON over HTTP(s) mechanisms or traditionally XML over HTTP(s) mechanisms like SOAP or RPC-based protocols.  More recently though, the use of gRPC and protocol buffers are being used to realize more efficient speeds in communications, and also security.

What are gRPC and Protocol Buffers?

gRPC is a modern and high-speed RPC framework that is used for communication between application service components which provides load-balancing, tracing, health checking and authentication. gRPC uses protocol buffers which are language-neutral, platform-neutral, extensible mechanisms for serializing structured data. Protocol buffers are used with gRPC to define an Interface Definition Language (IDL) in the form of a contract for structuring the payloads that may be crossing between different application components. Like many RPC  systems, gRPC is based around the idea of defining a service, specifying the methods that can be called remotely with their parameters and return types. Essentially, gRPC makes use of a client/server architecture between application components for communication.

Backup Ninja Microservices

Microservice Authentication Using gRPC

SSL/TLS Authentication

gRPC readily has SSL/TLS integration and promotes the use of SSL/TLS for authentication. This caters for secure exchange of data between different microservice components. More optimal methods are also available for implementing mutual authentication using not only server certificates but client certificates too. Backup Ninja makes use of the latter for communication between different microservices. Below are snippets of client and server code using SSL/TLS.

Client:

creds, _ := credentials.NewClientTLSFromFile(certFile, "")

conn, _ := grpc.Dial("localhost:50051", grpc.WithTransportCredentials(creds))

// error handling omitted

client := pb.NewGreeterClient(conn)

// 



Server:

creds, _ := credentials.NewServerTLSFromFile(certFile, keyFile)

s := grpc.NewServer(grpc.Creds(creds))

lis, _ := net.Listen("tcp", "localhost:50051")

// error handling omitted

s.Serve(lis)

Token-Based Authentication

gRPC provides token-based authentication for communication using a simple authentication API. Token-based authentication can be achieved in several ways. gRPC gives you the option to use client-side SSL/TLS credentials, Google token-based authentication or other custom authentication mechanisms. Backup Ninja uses tokens too.

Common Security Principles

Making use of a gRPC-based microservice architecture readily enhances your applications security. Using the capabilities above already helps you achieve the principle below:

  1. Least Privilege - By using token-based mechanisms you can already realize least privilege since you have the capability to ensure that components have just enough access to other relevant components that they may need access to.
  2. Defense in Depth - By using the authentication mechanisms present in gRPC it ensures you have layered access authorization to different components in the architecture.
  3. Separation Privilege - Authentication using gRPC also ensures you have access approval based on the unique component identities.
  4. Separation of Concerns - Having specialized and independent microservice components not only gives you an opportunity to provide reliability and availability by readily scaling up your services, if needed, but also the ability to readily patch security holes on the independent microservices with ease. 
  5. Economy of Mechanism - Simple microservice components will provide an opportunity to readily beef up the security of your application components unlike the complexity of having to secure a very complex monolith application.

Final Thoughts 

Backup Ninja makes use of gRPC-based microservices with token-based authentication and SSL/TLS communication. With it, you have confidence in using a secure and reliable cloud backup service.