1

Securing Serverless Computing: Challenges, Solutions, and Opportunities Xing Li, Student Member, IEEE, Xue Leng, and Yan Chen, Fellow, IEEE

Abstract—Serverless computing is a new cloud service model been made to address these challenges. Related studies have that reduces both cloud providers’ and consumers’ costs through arisen from academic research, commercial cloud providers, extremely agile development, operation, and charging mecha- and thriving open-source communities and have considerably nisms and has been widely applied since its emergence. Nev- ertheless, some characteristics of serverless computing, such as enhanced serverless security. Therefore, a systematic survey fragmented application boundaries, have raised new security of current research progress is needed to provide a foundation challenges. Considerable literature work has been committed to for continuing security enhancement. addressing these challenges. Commercial and open-source server- less platforms implement many security measures to enhance Some previous surveys of serverless computing have been serverless environments. This paper presents the first survey conducted [2], [3]; however, they have three main drawbacks of serverless security that considers both literature work and in revealing the current status of security research. In terms industrial security measures. We summarize the primary security of subject matter, these surveys have extensively discussed the challenges, analyze corresponding solutions from the literature concepts, challenges, applications, and prospects of serverless and industry, and identify potential research opportunities. Then, we conduct a gap analysis of the academic and industrial solu- computing but have not specifically targeted security. Re- tions as well as commercial and open-source serverless platforms’ garding content, the previous surveys have briefly introduced security capabilities, and finally, we present a complete picture possible risks or attacks but have not systematically analyzed of current serverless security research. existing solutions and future directions of research. In terms of Index Terms—Cloud Computing, Serverless Computing, Secu- materials, these surveys have focused on literature work and rity, Survey. have not considered the measures adopted in industry (i.e., commercial or open-source platforms); however, an academic I.INTRODUCTION focus alone is insufficient for a review of a widely applied cloud computing model such as serverless computing. HE development of cloud computing has driven various T service model innovations, including serverless comput- Therefore, a complete and systematic review of serverless ing. In this model, cloud providers are responsible for all security is urgently needed. To promote serverless computing server-related management tasks, such as resource allocation, and inspire new research, we present the first survey on server- service deployment, scaling, and monitoring, and an appli- less security whose horizon is expanded from academia alone cation is charged only for its execution time. As a result, to include industry. In this paper, we first introduce the concept consumers can avoid tedious management tasks, focus on the and background of serverless computing (Section II). Starting business code, and save costs by not paying for idle resources. from the unique characteristics of this service model, we then These advantages in terms of efficiency and economy have present a classification of the main security challenges and led to the rapid development of serverless computing in analyze their root causes. Subsequently, we review the state- recent years and have attracted extensive attention from both of-the-art solutions proposed in the literature and adopted by industry and academia. According to a recent report, the global popular serverless platforms for each challenge. Based on the arXiv:2105.12581v1 [cs.CR] 25 May 2021 serverless market size is estimated to grow to $21.1 billion by degree to which these problems are solved, we note potential 2025 [1]. research opportunities (Section III–Section VI). Finally, we However, as a novel service model, serverless computing illustrate our findings in comparisons of the current academic also has certain distinguishing features that present some and industrial solutions as well as commercial and open-source challenges, leading to security and compliance concerns. For platforms (Section VII). example, its agile and lightweight virtualization technologies The main contributions of this work are as follows: may lead to weak isolation, and the ephemeral nature of its computing instances could increase the difficulty of se- • A systematic summary of the challenges arising in secur- curity management. In recent years, substantial efforts have ing serverless computing is presented. • A brief but comprehensive review of academic and in- X. Li and X. Leng are with the College of Computer Science and Technology, Zhejiang University, Hangzhou, 310027, China (e-mail: dustrial solutions is provided. [email protected]; lengxue [email protected]). • A set of promising potential research opportunities is Y. Chen is with the Department of Computer Science, Northwestern proposed. University, Evanston, IL 60208, USA (e-mail: [email protected]). This work has been submitted to the IEEE for possible publication. • A multiaspect gap analysis of the current research status Copyright may be transferred without notice, after which this version may is conducted. no longer be accessible. 2

Application Boundary Storage Service Function A Function B Function C End User Function A Function C FaaS Runtime FaaS Runtime FaaS Runtime Log Service API Container Container Container Gateway \ Scheduled Task Container Engine Function B Function D ... Virtual Machine VM Other Clients SMS Service Message Queue Bare Metal Server : Trigger Events : Functions : Backend Services

(a) FaaS Technology Stack (b) A Typical Serverless Application Fig. 1: (a) A container-based FaaS technology stack. Typically, only the top-level function code is managed by customers. (b) The architecture of a serverless application that includes FaaS and BaaS components.

II.BACKGROUNDAND OVERVIEW Customer 1 Customer 2 3 Management Interface A. Serverless Computing … Deployment Security . . . Virtualization technology is the cornerstone of cloud ser- ① ③ Management Services vices. Based on the platform-as-a-service (PaaS) model, the B Functions recent prosperity of lightweight virtualization (e.g., contain- Authentication 1 A ers) has given birth to a new model: function-as-a-service C ④ ② 2 Visualization (FaaS). As shown in Figure 1 (a), in this model, customers develop and deploy small code pieces called functions in the Backend ⑤ Monitoring Storage Logging . . . cloud. These functions are deployed in lightweight virtualized Services . . . environments such as containers and executed on platform- 4 Infrastructure Resources provided runtimes. Each function focuses on a different task, and multiple functions can be combined in an event-driven ① -- ⑤ : Threats 1 -- 4 : Challenges manner to realize complex business logic. Events that can Fig. 2: Locations of threats and security challenges in the activate the execution of functions are called triggers; these serverless computing framework. include but are not limited to HTTP requests, logs, storage events, and timers. With lightweight virtualization, functions can be initialized Meanwhile, this new cloud service model has begun to be extremely fast (usually within a few milliseconds). Therefore, embraced in many scenarios, such as data processing and the providers can instantiate functions only when needed and Internet of Things (IoT) paradigm. flexibly scale them, thereby maximizing resource utilization. Consequently, functions usually have a short lifecycle. This B. Threats and Security Challenges agility is also beneficial to consumers. Since the occupied As a multitenant cloud service model, serverless computing resources will be released when they are not in use, consumers is susceptible to security threats that can be divided into five need to pay only for functions’ actual execution time and do categories based on where they are launched. The first category not need to reserve resources for emergencies. consists of external attacks on applications from malicious Moreover, cloud providers offer dedicated services and users (x), such as cross-site scripting attacks and injection application programming interfaces (APIs) for tasks such as attacks. Due to the unlimited scalability and the pay-as-you- storage, logging, and identity management. These services go feature of serverless computing, denial of service attacks can help customers build and manage server-side logic, thus will lead to a substantial increase in the cost to application significantly accelerating application development and release. owners. The second comprises internal attacks on applications This service model is known as backend-as-a-service (BaaS). from malicious insiders (y), such as illegal internal access Serverless computing is generally regarded as a combination and sniffing attacks. Adversaries in the internal network can of FaaS and BaaS. By undertaking all management tasks even perceive sensitive information from the communication directly related to infrastructure resources, cloud providers pattern and activity level of functions. For example, in a health make server-related details transparent to consumers. From monitoring application, a particular sequence of triggered the customer’s perspective, cloud applications are serverless functions may reflect a specific health condition of the patient — neither development, deployment, management, nor billing [3]. The remaining three categories are horizontal attacks is server-centric. Figure 1 (b) illustrates the architecture of a between tenants (z, e.g., side-channel attacks), vertical attacks typical serverless application. on serverless infrastructures from malicious tenants ({, e.g., Currently, serverless computing is widely applied. Major container escape attacks), and vertical attacks on applications providers such as Amazon Web Services (AWS), Microsoft from malicious platforms (|). Azure, and Google Cloud have all launched serverless prod- To address these threats, the best practice is to build a ucts; a series of open-source platforms is also emerging. defense-in-depth system to protect serverless applications and 3

TABLE I: The landscape of the survey, including security challenges and their root causes, proposed solutions, our reviews, and research opportunities.

Challenges Resource Isolation Security Monitoring Security Management Data Protection The weakness of lightweight The ephemerality of functions The distributed nature of func- Platforms’ control of the func- Root Causes virtualization technologies in and the broken boundaries of tions and the fragmented appli- tion lifecycle and BaaS ser- isolation serverless applications cation boundaries vices’ participation in business logic Virtual-machine-based secure Information flow mining and Advanced management capa- Hardware-based trusted execu- Literature containers, e.g., minimized tracing, e.g., static analysis [6] bilities, e.g., workflow-sensitive tion environments, e.g., protect- Work VMMs [4] and unikernels [5] and dynamic tracing [7], [8] authorization [9] and secure ing running code with Intel container network stacks [10] SGX [11], [12] Secure containers and network Security scanning and monitor- Fine-grained authentication and Encryption in transit and at rest, Industrial boundaries, e.g., Firecracker ing tools, e.g., Azure Monitor, authorization, e.g., IAM sys- e.g., TLS/SSL, code/data en- Solutions [4], gVisor, and VPCs AWS X-Ray, and DevSecOps tems and role-based access con- cryption, and key management tools trol services Status Well resolved Partially resolved Partially resolved Partially resolved Secure containers with better Nonintrusive tracing schemes Automatic security configura- Other confidential computing Research isolation, better performance, and advanced insight capabil- tion and auditing tools solutions such as homomorphic Opportunities and lower overhead ities such as diagnosis and encryption forensics platforms at multiple stages and levels. However, the flexibility containers share the host’s OS kernel, and thus, their isolation and agility of serverless applications expose them to a series is weak. Malicious consumers could employ this weakness to of security challenges in the process of achieving this goal. influence or attack other consumers located on the same host These challenges are concentrated in four aspects: resource (e.g., via side-channel attacks). For example, Wang et al. [13] isolation (‚), security monitoring (ƒ), security management found that AWS Lambda suffers from performance isolation („), and data protection ( ). Figure 2 depicts the locations of issues, and Azure Functions has placement vulnerabilities that the threats and challenges in the serverless framework. facilitate side-channel attacks. Literature Work. To enhance the isolation of lightweight C. Survey Methodology and Objects virtualization technologies and address this challenge, pub- To fully understand the current state of the art in serverless lished research focuses on VM-based solutions. Compared security technologies, we collected and investigated the solu- with containers, VMs can provide better security boundaries tions proposed in research work and the security mechanisms but require a longer time to initialize. Hence, researchers adopted in practice for serverless platforms. An overview of have attempted to make VMs more lightweight to meet the this survey is presented in Table I. flexibility requirements of serverless computing. The basic For the literature work, we collected 77 papers related idea is to reduce the size of the guest kernels, that is, remove to serverless security that have been published since 2014 unnecessary modules, to build “microVMs”, even keeping (when the serverless concept emerged). We selected nine only the libraries that will be used [4], [5]. Moreover, Cadden recent research papers published in high-reputation confer- et al. [5] employed unikernel snapshots to further accelerate ences or journals to showcase the academic world’s latest initialization, and Agache et al. [4] minimized virtual machine achievements. Moreover, we collected the security features of monitors (VMMs) to reduce the trusted computing base. These popular serverless platforms from their documentation. These microVMs have successfully reduced the initialization time to platforms include the leading commercial platforms AWS the millisecond level while providing VM-level isolation. Lambda, Google Cloud Functions, Azure Functions, Alibaba Industrial Solutions. Led by Amazon, Firecracker [4] has Cloud Function Compute, and IBM Cloud Functions as well been applied in AWS Lambda. Moreover, all surveyed com- as the popular open-source serverless frameworks OpenFaaS, mercial serverless platforms except IBM Functions utilize Kubeless, Knative, Fission, Apache OpenWhisk, and Nuclio. their own secure container products. These containers enable advanced isolation by employing various techniques, such as III.CHALLENGE 1: RESOURCE ISOLATION microVMs (e.g., Firecracker) and container sandboxes (e.g., Serverless computing relies on the dynamic release and gVisor). Commercial platforms also provide mechanisms for reuse of software and hardware to improve resource utilization network-layer isolation, such as virtual private clouds (VPCs). and reduce costs. Thus, there is a strong requirement for Review and Analysis. Secure containers provide VM-level resource isolation, especially among multiple tenants. resource isolation and have become a standard mode of However, this requirement conflicts with the weak isola- implementation in production environments. Therefore, we tion of lightweight virtualization, thereby giving rise to this consider this challenge well resolved. However, due to hard- challenge. Serverless computing requires swift and on-demand ware sharing, these approaches are still susceptible to side- function initialization. To this end, lightweight virtualization channel attacks. Moreover, trade-offs remain between security technologies have been widely adopted. Unlike traditional and performance. For example, gVisor sacrifices significant virtual machines (VMs) with guest operating systems (OSs), performance for security (in particular, a 216× reduction in 4

file opening speed) [14]. Additionally, many existing efforts components, providers recommend continuous security vali- employ snapshots [15] or even memory sharing [5] to reduce dation in continuous integration and continuous deployment the start-up time as much as possible, which also degrades (CI/CD) pipelines and offer a series of tools, such as static security to a certain extent. vulnerability scanning and automatic penetration testing, for Research Opportunities. Looking forward, serverless com- this purpose. puting will embrace new secure containers if they offer Review and Analysis. The proposed dynamic methods solve progress in the following three dimensions: (1) security, the problem of the coarse-grained and incomplete nature of the achieving better isolation than VMs; (2) efficiency, providing existing monitoring schemes to a certain extent. For example, performance closer to that of physical machines; and (3) data-oriented tracing [8] can be integrated with traditional lightweight computing, incurring lower overheads. behavior-oriented mechanisms. Moreover, since functions have relatively low internal complexity, static-analysis-based meth- ods are feasible. These approaches could be an effective IV. CHALLENGE 2: SECURITY MONITORING supplement to dynamic methods, which may introduce con- siderable runtime overhead. Following best practices in the A serverless platform generally maintains a set of run- development phase can also mitigate the threat posed by non- times for functions, including commonly used packages of secure third-party components. Unfortunately, the information the supported programming languages. Moreover, to meet that can be obtained through static analysis is limited. Current diverse development needs, most providers also support cus- dynamic solutions all require code instrumentation or agent tom runtimes and even provide function marketplaces. The embedding to enable end-to-end monitoring and tracking, security risks posed by third-party packages and functions resulting in high compilation and runtime overheads [7], [8]. necessitate reliable monitoring capabilities to detect anomalies Hence, we consider this challenge only partially resolved. and determine the security status. Furthermore, in a serverless environment, the ephemeral Research Opportunities. The exploration of nonintrusive nature of functions and the broken application boundaries tracking schemes is a potential research opportunity. Fur- present new challenges. First, although the short-lived nature thermore, advanced insight capabilities are lacking in current of functions reduces the attack surface, it also significantly platforms. These capabilities include assessing security status, narrows the window for developers to discover and diagnose predicting and diagnosing faults, and conducting detection and problems. Second, as shown in Figure 1 (b), a serverless forensics for security events. With various triggers, server- application may have multiple entry points due to a variety of less applications can naturally perform “feedback regulation” triggers. These entry points, coupled with BaaS services, cause for self-management. Meanwhile, functions’ short lifecycles the boundaries of serverless applications to be fragmented and and massive logs impose high requirements on the speed further increase the difficulty of monitoring. Moreover, lacking of solutions. We believe this scenario represents a research control over the execution environments and BaaS services, opportunity where artificial intelligence (AI)-based methods consumers must rely on the provided interfaces for monitoring, might be beneficial. which may lead to incomplete views of the running status. For example, Lin et al. [7] noted that AWS Lambda’s monitoring V. CHALLENGE 3: SECURITY MANAGEMENT granularity is relatively coarse, and the tracking paths are not Security management is a critical means for administrators continuous across BaaS services. to enforce security intentions and protect applications. As Literature Work. To address this challenge, researchers have described in Subsection II-B, the diversity of the possible attempted to mine and track the information flows in serverless attacks in serverless environments necessitates comprehensive applications from both static and dynamic perspectives. Obetz security management capabilities that can provide protection et al. [6] proposed an augmented call graph that considers at multiple levels. BaaS services and explained the feasibility of obtaining the However, the fragmented application boundaries of server- graph through static analysis. To dynamically track where less applications increase the difficulty of security manage- and how data flow, Datta et al. [8] placed an agent in each ment. The distributed nature of functions further exacerbates function’s container to proxy its network requests. These this challenge. On the one hand, functions must carefully agents generated and propagated labels for inbound and out- inspect the input and output at all their entry points; failure to bound traffic to record the flow of information and could also comply with this principle may lead to injection attacks. On restrict functions’ behavior based on preconfigured policies. the other hand, an external request may trigger communication In addition, Lin et al. [7] proposed GammaRay, a dynamic among multiple functions and BaaS services, necessitating tracking tool that can capture the causality of invocations fine-grained authentication and authorization among functions across BaaS services to build complete trace graphs. and services. This task can be challenging for large-scale or Industrial Solutions. Commercial platforms provide various complex applications. tools and interfaces to record, aggregate, display, and analyze Literature Work. Traditional authentication and authorization monitoring data. Some can even serve as triggers for automatic mechanisms have been well studied. Building on this work, re- function management. They also aim to gradually enable dis- searchers are currently attempting to provide advanced security tributed tracing while ensuring adequate performance. More- management capabilities at new levels. Sankaran et al. [9] built over, to further mitigate the impact of nonsecure third-party a workflow-sensitive authorization mechanism for serverless 5 applications. It proactively verifies external requests’ permis- advancing research in these two directions. sions for all functions involved in their workflows at the application entry point. Thus, applications can reject illegal VI.CHALLENGE 4: DATA PROTECTION requests as early as possible, thereby avoiding partial pro- Data security is the lifeline of cloud services. Unlike in other cessing of illegal requests and reducing the potential attack models, serverless providers control the whole application surface. Moreover, Nam et al. [10] revealed a data leakage lifecycle (e.g., the deployment, scaling, execution, and termi- risk in container networks and redesigned a secure network nation of functions) and the entire software stack. Moreover, stack to protect intercontainer communication. Specifically, as part of the application and business logic, BaaS services the method verifies and filters out illegal requests based on can directly access and process data. All these characteristics the intercontainer dependencies and utilizes end-to-end direct require consumers to have deep trust in the provider. forwarding to prevent traffic exposure. It even improves the Nevertheless, whether during the execution of code in an container network’s performance. uncontrolled environment or the processing of sensitive data Industrial Solutions. Based on various security policies, through the platform’s services, privacy and compliance con- cloud providers have formulated “best practices” for security cerns may arise. To alleviate these concerns, platforms need management. These policies act on multiple layers and mul- to implement strict data protection measures to clearly and tiple resources and have the potential to provide promising fully persuade consumers. Given the flexibility requirements management capabilities. For example, commercial platforms of serverless environments, this task could be challenging, achieve well-defined identity authentication and fine-grained but it is essential for expanding the application scenarios of authorization with mature identity access management (IAM) serverless computing. systems. AWS Lambda even provides role-based policies, Literature Work. In addition to protecting data at rest or resource-based policies, access control lists, and other man- in transit through encryption, recent work has focused on agement methods for consumers to choose among and flexibly protecting data in use. Researchers have attempted to estab- combine. lish a trusted execution environment (TEE) for functions to Review and Analysis. Based on fine-grained security man- relieve customers of the need to fully trust providers [11], agement policies, existing solutions provide multilevel protec- [12]. Specifically, several approaches employ Intel SGX, a tion for serverless applications. Providers also document best hardware-based mechanism that uses encrypted memory to practices as guidance. However, a gap may inevitably exist protect running code and data from privileged software, even between actual situations and the recommended best practices. the OS. Moreover, Qiang et al. [11] proposed a two-way First, both academic [9], [10] and industrial solutions require sandbox, that is, a WebAssembly sandbox nested in an SGX administrators to customize security policies in accordance sandbox, to prevent a platform from accessing sensitive data with the application architecture and business logic. Although processed by functions while also protecting the platform from server management is the providers’ responsibility, the burden untrusted code. placed on consumers for security management has not been Industrial Solutions. On the basis of their mature storage relieved but instead has been made even heavier: fine-grained services and security management experience, commercial policies require attentive design and careful configuration, platforms provide adequate support for encryption in transit which is a time-consuming and error-prone process. Second, and at rest. This protection covers the files and code uploaded providers’ marketing emphasizes only cost-effectiveness and by customers as well as the environment variables of func- convenience, making it easy for consumers to ignore their tions. Moreover, standard key management services (KMS) responsibility to ensure security. As mentioned above, any vio- are provided to help customers handle secrets. lation of design principles and best practices may compromise Review and Analysis. Protecting data in use has become a applications’ security. In other words, current mechanisms do significant dimension of cloud security. In this regard, current not reduce the complexity of security management. Applica- serverless research is focused on hardware-based TEEs, which tions’ safety depends on the extent to which best practices still have many limitations, such as poor performance, diffi- are followed. Therefore, we consider this challenge partially culty with hardware heterogeneity, and running only in the user resolved. space. Moreover, these techniques have not yet been applied Research Opportunities. At present, the assistance of auto- to serverless products. Therefore, we consider this challenge mated tools is urgently needed. One possible research direction to be partially resolved. is automated security configuration. The ideal tool would Research Opportunities. In recent years, many confidential be able to perceive an application’s architecture and status, computing solutions, such as homomorphic encryption and se- extract the consumer’s security intentions, and provide support cure multiparty computation, have emerged for the protection for policy configuration, maintenance, and updating. Another of data in the cloud. Considering the limitations of the current research direction concerns automated security audits, for solutions, the community is expected to appreciate further which there is a growing market. The ideal tool is expected exploration and adoption of these techniques. to not only check whether security measures are deployed but also evaluate the quality of these measures based on an appli- VII.GAP ANALYSIS cation’s specific characteristics. We believe that the security During our investigation, we obtained some interesting risks posed by incorrect configurations can be alleviated by findings about the current research status of serverless secu- 6

TABLE II: A brief list of security mechanisms used in commercial serverless platforms.

Google Alibaba Cloud IBM Aspect Category AWS Lambda Azure Functions Cloud Functions Function Compute Cloud Functions Azure Container Alibaba Cloud System Firecracker gVisor Docker containers Isolation Instances Sandbox Network VPC VPC Azure ASE VPC VPC Visualization Amazon CloudWatch Stackdriver Logging Azure Monitor CloudMonitor Sisdig Monitoring Tracing AWS X-Ray Cloud Trace Application Insights Context objects Zipkin/Jaeger Cloud Functions Azure AD and Authentication AWS IAM Digital signatures IBM IAM IAM third-party identities Management Role-based/resource- Role-based access Role-based access Role-based access Role-based access Authorization based access control control control control control and other policies In Transit mTLS Google ALTS mTLS TLS on ingress TLS on ingress Encryption Files, secrets, Code, environment At Rest All data, KMS All data, Key Vault Data, secrets environment variables variables, KMS Event Threat DevSecOps tools, Azure Tools Tools AWS Trusted Advisor -- Detection (ETD) AD Access Reviews

TABLE III: A brief list of security mechanisms used in open-source serverless platforms.

Aspect Category OpenFaaS Kubeless Knative Fission OpenWhisk Nuclio System Docker Docker Docker Docker Docker Docker Isolation Network K8s namespace K8s namespace K8s namespace K8s namespace K8s namespace K8s namespace Visualization Grafana Grafana Grafana Grafana Kamon Dashboard Monitoring Tracing - - Zipkin/Jaeger Zipkin/Jaeger Zipkin/Jaeger - Kong Istio Self-hosted Authentication OAuth2 DID key method - Management authentication authentication authentication Authorization K8s RBAC K8s RBAC K8s/Istio RBAC K8s/Istio RBAC Support - In Transit TLS on ingress TLS on ingress Istio mTLS Istio mTLS TLS on ingress TLS on ingress Encryption At Rest K8s secrets K8s secrets K8s secrets K8s secrets K8s secrets K8s secrets rity, which may imply potential directions towards a better B. Commercial Platforms vs. Open-Source Platforms ecosystem. Various commercial and open-source serverless platforms have flourished thanks to the vigorous serverless computing market. During our investigation, we found considerable dif- A. Academic Solutions vs. Industrial Solutions ferences in security between these two kinds of platforms. We compared the efforts in academia and industry from We discuss and analyze this phenomenon in this section. three perspectives: research interests, features of the solutions, Specifically, we compare the security measures adopted in and application status. As mentioned above, both academic and commercial and open-source platforms in terms of five aspects: industrial solutions cover the four main security challenges. isolation, monitoring, management, encryption, and tools. The This consistency in research interests implies that the current detailed results are listed in Table II and Table III. research is in a healthy state. First, most commercial platforms are equipped with self- Nonetheless, the solutions show different characteristics. developed secure containers and provide VPCs for network- Academic research tends to demonstrate the feasibility of level isolation. In terms of monitoring, they introduce their using specific methods, especially new technologies, to solve own specialized distributed tracing and monitoring prod- particular problems. In contrast, the goal of commercial plat- ucts into serverless scenarios and connect them to unified forms is to be as secure as possible while ensuring stability. visualization consoles. Through security policies and IAM Thus, providers prefer methods that have been proven in long- systems, these platforms provide mature authentication and term practice and usually combine several methods to achieve authorization capabilities and support data encryption via multilayer protection. In addition, research-led solutions often storage services. Furthermore, their long-term investment and adopt a more holistic approach, from developer to platform. technological accumulation allow commercial platforms to Without control over other parties, providers can promote their provide many tools to assist customers, such as configuration solutions only through guidelines or best practices. recommendation and risk detection. Regarding application status, some of the reported academic In contrast, most open-source platforms are built atop Ku- research work has not yet been tested or applied in industry, bernetes (K8s). Therefore, standard Docker containers and K8s as it is relatively new. We believe that open-source efforts namespace-based network isolation have become a general from both academia and industry, such as publicly available technical solution. For monitoring, these platforms usually research, real-world datasets, and standardized benchmarks, integrate third-party tools or employ their infrastructures’ can help promote smooth adoption of newly emerging solu- capabilities to avoid reinventing the wheel. Moreover, open- tions. source platforms mainly rely on ingress gateways and infras- 7

tructures such as K8s and Istio to achieve security management [4] A. Agache, M. Brooker, A. Iordache, A. Liguori, R. Neugebauer, and encryption in transit. The secret management task is also P. Piwonka, and D.-M. Popa, “Firecracker: Lightweight virtualization for serverless applications,” in 17th USENIX Symposium on Networked outsourced to the underlying K8s infrastructure. Similar to Systems Design and Implementation (NSDI 20), 2020, pp. 419–434. the monitoring aspect, open-source platforms usually do not [5] J. Cadden, T. Unger, Y. Awad, H. Dong, O. Krieger, and J. Appavoo, provide security tools natively but support the integration of “Seuss: skip redundant paths to make serverless fast,” in Proceedings of the Fifteenth European Conference on Computer Systems, 2020, pp. third-party tools such as Jenkins. 1–15. In terms of the above five aspects, the security measures [6] M. Obetz, S. Patterson, and A. Milanova, “Static call graph construction of commercial platforms are all stronger than those of open- in aws lambda serverless applications,” in 11th USENIX Workshop on Hot Topics in Cloud Computing (HotCloud 19), 2019. source platforms in terms of completeness and richness. The [7] W.-T. Lin, C. Krintz, R. Wolski, M. Zhang, X. Cai, T. Li, and W. Xu, latter’s security capabilities mainly rely on infrastructure or “Tracking causal order in aws lambda applications,” in 2018 IEEE third-party tools. Two main reasons for this difference exist. International Conference on Cloud Engineering (IC2E). IEEE, 2018, pp. 50–60. First, commercial platforms have richer cloud management [8] P. Datta, P. Kumar, T. Morris, M. Grace, A. Rahmati, and A. Bates, experience and more capital and human resources, so they “Valve: Securing function workflows on serverless computing plat- can leverage their existing security mechanisms and provide forms,” in Proceedings of The Web Conference 2020, 2020, pp. 939–950. [9] A. Sankaran, P. Datta, and A. Bates, “Workflow integration alleviates standardized features as BaaS services (e.g., IAM systems). identity and access management in serverless computing,” in Annual Second, the development of open-source platforms is still rela- Computer Security Applications Conference, 2020, pp. 496–509. tively rudimentary. They focus more on realizing core features [10] J. Nam, S. Lee, H. Seo, P. Porras, V. Yegneswaran, and S. Shin, “Bastion: A security enforcement network stack for container networks,” in 2020 of serverless computing, such as agile application construction USENIX Annual Technical Conference (USENIX ATC 20), 2020, pp. and automatic function scaling, rather than security features. 81–95. Mature and standardized open-source platforms can counter [11] W. Qiang, Z. Dong, and H. Jin, “Se-lambda: Securing privacy-sensitive serverless applications using sgx enclave,” in International Conference the vendor lock-in problem and stimulate community efforts on Security and Privacy in Communication Systems. Springer, 2018, and related work. Nevertheless, open-source platforms still pp. 451–470. have a long way to go to compete with commercial platforms [12] S. Brenner and R. Kapitza, “Trust more, serverless,” in Proceedings of the 12th ACM International Conference on Systems and Storage, 2019, in terms of security. This security lag also limits their applica- pp. 33–43. tion. Hence, more effort is needed to develop and standardize [13] L. Wang, M. Li, Y. Zhang, T. Ristenpart, and M. Swift, “Peeking behind the security mechanisms of open-source serverless platforms. the curtains of serverless platforms,” in 2018 USENIX Annual Technical Conference (USENIX ATC 18), 2018, pp. 133–146. Although some have taken the lead (e.g., OpenFaaS), the [14] E. G. Young, P. Zhu, T. Caraza-Harter, A. C. Arpaci-Dusseau, and R. H. competition among open-source serverless platforms is still Arpaci-Dusseau, “The true cost of containing: A gvisor case study,” in fierce, and there is no de facto standard. From this perspective, 11th USENIX Workshop on Hot Topics in Cloud Computing (HotCloud 19), 2019. unremitting efforts in developing security measures and the [15] D. Ustiugov, P. Petrov, M. Kogias, E. Bugnion, and B. Grot, “Bench- establishment of unique security capabilities therewith may marking, analysis, and optimization of serverless function snapshots,” in become the key to gaining the dominant position. Proceedings of the 26th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, 2021, pp. 559–572. VIII.CONCLUSION This paper has presented a survey of both literature research and industrial solutions to elucidate the research status of techniques for securing serverless computing. Starting from the characteristics of serverless environments, we explained Xing Li [S’19] received a B.E. degree in software engineering from Shandong the origins of four main security challenges: resource isolation, University, Jinan, China, in 2016. He is currently pursuing a Ph.D. degree in security monitoring, security management, and data protection. cybersecurity at Zhejiang University, Hangzhou, China. His research interests Based on a review of existing solutions, we then identified pos- are focused on the security of cloud networking and applications. sible research directions. Finally, we compared academic and industrial solutions as well as current commercial and open- source serverless platforms and elaborated on our thoughts re- garding promising directions for establishing a better research and application ecosystem. Xue Leng received a Ph.D. degree in computer science and technology from Zhejiang University, Hangzhou, China, in 2020. Her research interests include security enhancement in SDN and performance optimization of microservices and service meshes.

REFERENCES [1] MarketsandMarkets, “Serverless Architecture Market Size, Share and Global Market Forecast to 2025,” 2020, accessed on 2021-03-15. [Online]. Available: http://bit.ly/serverless market [2] E. Jonas, J. Schleier-Smith, V. Sreekanti, C.-C. Tsai, A. Khandelwal, Yan Chen [F’17] received a Ph.D. degree in computer science from the Q. Pu, V. Shankar, J. Carreira, K. Krauth, N. Yadwadkar et al., “Cloud University of California at Berkeley, Berkeley, CA, USA, in 2003. He is programming simplified: A berkeley view on serverless computing,” currently a Professor with the Department of Computer Science, Northwestern arXiv preprint arXiv:1902.03383, 2019. University, Evanston, IL, USA. His research interests include network security, [3] H. Shafiei, A. Khonsari, and P. Mousavi, “Serverless computing: measurement, and diagnosis for large-scale networks and distributed systems. A survey of opportunities, challenges and applications,” Jan 2020, accessed on 2021-03-15. [Online]. Available: engrxiv.org/u8xth