The Doppler Quarterly Fall 2019 | Page 23

tecture; function as a service (FaaS) / backend as a service (BaaS) shared responsibility; serverless tooling vendors’ contributions; our customers’ input; industry use cases; and our own security and architecture intellectual property. The goal is to enable a well structured, secure architecture, as well as to design and implement serverless applications. Our serverless cloud security model is based on our secu- rity reference architecture (SRA), which is an extension of the CSA SRA. Our model maps to SRA domains that are applicable to serverless architecture, and to those frameworks and stan- dards detailed in the footnote. Our SRA enables enterprises to secure their serverless applications in a systematic and structured way. The SRA also facilitates tracking those applications against standards and regulations on the capability level. Before diving into the abstraction of the serverless SRA, let us take a look at how the serverless shared responsibility model has evolved. Changes to the Cloud Security Shared Responsibility Model With the adoption of serverless technology, the cloud shared responsibility model has evolved. In general, respon- sibilities have shifted from the customer to the service pro- vider. Look at how cloud service providers (CSPs) provide FaaS, and what they take as their responsibility from archi- tectural, operational and security perspectives (Figure 1). The chart shows the resulting shared responsibilities between the application owner and service provider. As an example, the platform and operating systems were formally the customer’s responsibility in the classic model, but in a serverless system they are taken care of by the CSP. This does not mean that the customer is not accountable for the security of their data and applications. It only implies that the provider has responsibility for more layers. We utilize this model to identify the domains in our SRA that are the customer’s responsibility. Hence, clients must be accountable for positioning the required controls. Functions Configuration Application Identity & Access Data at Rest in Cloud Data in Transit Protection Client-side Encryption Application Owner Compute Function as a Service (FaaS) environment Storage Database Analytics Network Identity and Security Management Geo Regions Data Centers Backbone Network Availability Zones Cloud Service Provider Edge Locations Hardware Figure 1: Shared responsibility model for serverless FALL 2019 | THE DOPPLER | 21