Internship: Microservices Security; Identity and Access Management

Microservices (or actually the microservice architectural style) promotes developing and deploying applications composed of independent, autonomous, modular, self-contained units. Unlike a more traditional system, often called ‘monolithic’, where all services are part of a single deployable unit. This results in various much-discussed tradeoffs:

  • They scale independently, because they are autonomous and self-contained, but at the cost of network overhead and strong consistency.
  • They are more maintainable, because their relatively small size and intrinsic modular qualities, but at the cost of more complex (distributed) infrastructure.
  • They allow you to use a best-fit approach to language and storage technology on a per-service basis, but at the cost of more operational complexity.

What has not changed is the requirement that not everyone is allowed access to all parts of a system. The user needs to be identified and access rules need to be enforced.

Your assignment is to conduct a literate review to increase your breadth of knowledge of the available options to take care of Identity and Access Management (IAM) in a microservices architecture and to draw your deliberate conclusions.

Your research is not limited to ‘desk research’ as you create a distributed system implemented with the various Identity and Access Management options to substantiate your judgement.

keywords: security, stateless protocols, web tokens

Like this assignment? For more information please contact Jorg Hollenberg,