JAX London, 3–6 October 2022
The Conference for Java & Software Innovation

Service meshes: Replay-proof microservice security

This talk originates from the archive. To the CURRENT program
Until June 23 ✓ Save up to £668 ✓ Workshops day for free ✓ Arduino Starter Kit or Amazon Echo Dot for free Register now
Wednesday, October 10 2018
16:35 - 17:25


Microservice security is too hard. We must issue and rotate TLS certificates, deploy identity providers, and embed auth logic in applications. These all require secure development, test, and maintenance effort. Istio (a Google, IBM, and Lyft project) offers a new way: by providing a service mesh and a unified identity for each request, it offers all of these things with zero application changes. In this talk we describe:


– Why all applications should use encryption by default


– What a service mesh is, and why Istio may revolutionise microservices


– Why a service mesh can increase application security and availability


– How to get “free” mutual TLS between all services and rotate certs every hour


– How to prevent replay attacks using “mints”


– How to securely delegate requests between microservices


Behind the Tracks

Software Architecture & Design
Software innovation & more
Architecture structure & more
Agile & Communication
Methodologies & more
Emerging Technologies
Everything about the latest technologies
DevOps & Continuous Delivery
Delivery Pipelines, Testing & more
Cloud & Modern Infrastructure
Everything about new tools and platforms
Big Data & Machine Learning
Saving, processing & more