U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

This is an archive
(replace .gov by .rip)

Building Secure Microservices-Based Applications Using Service-Mesh Architecture: Draft SP 800-204A is Available for Comment
January 17, 2020

As microservices-based applications are increasingly adopted within large enterprises and cloud-based environments, there is a need for a dedicated, scalable-supporting infrastructure that will allow for provisioning a comprehensive set of security services. Called Service Mesh, these security services include—but are not limited to—authentication, authorization, secure service discovery, secure communication, and security monitoring. The deployment of Service Mesh components to enable these services involves multiple configurations.

Today, NIST is releasing Draft NIST Special Publication (SP) 800-204A, Building Secure Microservices-based Applications Using Service-Mesh Architecture, for public comment. Its purpose is to provide deployment recommendations for Service Mesh components that span several runtime aspects of microservices-based applications to meet the security requirements for this class of application for various scenarios.

A public comment period for this document ends February 14, 2020. See the publication details for a copy of the document and instructions for submitting comments.

NOTE: A call for patent claims is included on page iv of this draft.  For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.

Created January 17, 2020, Updated June 22, 2020