
Securing Serverless Computing: Challenges, Solutions, and Opportunities

Xing Li, Student Member, IEEE, Xue Leng, and Yan Chen, Fellow, IEEE

arXiv:2105.12581v1 [cs.CR] 25 May 2021

Abstract—Serverless computing is a new cloud service model that reduces both cloud providers’ and consumers’ costs through extremely agile development, operation, and charging mechanisms and has been widely applied since its emergence. Nevertheless, some characteristics of serverless computing, such as fragmented application boundaries, have raised new security challenges. Considerable literature work has been committed to addressing these challenges. Commercial and open-source serverless platforms implement many security measures to enhance serverless environments. This paper presents the first survey of serverless security that considers both literature work and industrial security measures. We summarize the primary security challenges, analyze corresponding solutions from the literature and industry, and identify potential research opportunities. Then, we conduct a gap analysis of the academic and industrial solutions as well as commercial and open-source serverless platforms’ security capabilities, and finally, we present a complete picture of current serverless security research.

Index Terms—Cloud Computing, Serverless Computing, Security, Survey.

I. INTRODUCTION

The development of cloud computing has driven various service model innovations, including serverless computing. In this model, cloud providers are responsible for all server-related management tasks, such as resource allocation, service deployment, scaling, and monitoring, and an application is charged only for its execution time. As a result, consumers can avoid tedious management tasks, focus on the business code, and save costs by not paying for idle resources. These advantages in terms of efficiency and economy have led to the rapid development of serverless computing in recent years and have attracted extensive attention from both industry and academia. According to a recent report, the global serverless market size is estimated to grow to $21.1 billion by 2025 [1].

However, as a novel service model, serverless computing also has certain distinguishing features that present some challenges, leading to security and compliance concerns. For example, its agile and lightweight virtualization technologies may lead to weak isolation, and the ephemeral nature of its computing instances could increase the difficulty of security management. In recent years, substantial efforts have been made to address these challenges. Related studies have arisen from academic research, commercial cloud providers, and thriving open-source communities and have considerably enhanced serverless security. Therefore, a systematic survey of current research progress is needed to provide a foundation for continuing security enhancement.

Some previous surveys of serverless computing have been conducted [2], [3]; however, they have three main drawbacks in revealing the current status of security research. In terms of subject matter, these surveys have extensively discussed the concepts, challenges, applications, and prospects of serverless computing but have not specifically targeted security. Regarding content, the previous surveys have briefly introduced possible risks or attacks but have not systematically analyzed existing solutions and future directions of research. In terms of materials, these surveys have focused on literature work and have not considered the measures adopted in industry (i.e., commercial or open-source platforms); however, an academic focus alone is insufficient for a review of a widely applied cloud computing model such as serverless computing.

Therefore, a complete and systematic review of serverless security is urgently needed. To promote serverless computing and inspire new research, we present the first survey on serverless security whose horizon is expanded from academia alone to include industry. In this paper, we first introduce the concept and background of serverless computing (Section II). Starting from the unique characteristics of this service model, we then present a classification of the main security challenges and analyze their root causes. Subsequently, we review the state-of-the-art solutions proposed in the literature and adopted by popular serverless platforms for each challenge. Based on the degree to which these problems are solved, we note potential research opportunities (Section III–Section VI). Finally, we illustrate our findings in comparisons of the current academic and industrial solutions as well as commercial and open-source platforms (Section VII).

The main contributions of this work are as follows:
• A systematic summary of the challenges arising in securing serverless computing is presented.
• A brief but comprehensive review of academic and industrial solutions is provided.
• A set of promising potential research opportunities is proposed.
• A multiaspect gap analysis of the current research status is conducted.

X. Li and X. Leng are with the College of Computer Science and Technology, Zhejiang University, Hangzhou, 310027, China (e-mail: [email protected]; lengxue [email protected]). Y. Chen is with the Department of Computer Science, Northwestern University, Evanston, IL 60208, USA (e-mail: [email protected]). This work has been submitted to the IEEE for possible publication. Copyright may be transferred without notice, after which this version may no longer be accessible.
[Figure 1: (a) FaaS Technology Stack (function, FaaS runtime, container, container engine, virtual machine, bare metal server); (b) A Typical Serverless Application (trigger events, functions, backend services such as storage, log, message queue, and SMS services, behind an API gateway).]

Fig. 1: (a) A container-based FaaS technology stack. Typically, only the top-level function code is managed by customers. (b) The architecture of a serverless application that includes FaaS and BaaS components.

II. BACKGROUND AND OVERVIEW

A. Serverless Computing

Virtualization technology is the cornerstone of cloud services. Based on the platform-as-a-service (PaaS) model, the recent prosperity of lightweight virtualization (e.g., containers) has given birth to a new model: function-as-a-service (FaaS). As shown in Figure 1 (a), in this model, customers develop and deploy small code pieces called functions in the cloud. These functions are deployed in lightweight virtualized environments such as containers and executed on platform-provided runtimes. Each function focuses on a different task, and multiple functions can be combined in an event-driven manner to realize complex business logic. Events that can activate the execution of functions are called triggers; these include but are not limited to HTTP requests, logs, storage events, and timers.

With lightweight virtualization, functions can be initialized extremely fast (usually within a few milliseconds). Therefore, providers can instantiate functions only when needed and flexibly scale them, thereby maximizing resource utilization. Consequently, functions usually have a short lifecycle. This agility is also beneficial to consumers. Since the occupied resources will be released when they are not in use, consumers need to pay only for functions’ actual execution time and do not need to reserve resources for emergencies.

Moreover, cloud providers offer dedicated services and application programming interfaces (APIs) for tasks such as storage, logging, and identity management. These services can help customers build and manage server-side logic, thus significantly accelerating application development and release. This service model is known as backend-as-a-service (BaaS). Serverless computing is generally regarded as a combination of FaaS and BaaS. By undertaking all management tasks directly related to infrastructure resources, cloud providers make server-related details transparent to consumers. From

[Figure 2: layers Management Interface (Customer 1, Customer 2), Management Services (Deployment, Security, Authentication, Visualization, Monitoring, Logging), Functions (A, B, C), Backend Services (Storage), and Infrastructure Resources; legend: ①–⑤: Threats, 1–4: Challenges.]

Fig. 2: Locations of threats and security challenges in the serverless computing framework.

Meanwhile, this new cloud service model has begun to be embraced in many scenarios, such as data processing and the Internet of Things (IoT) paradigm.

B. Threats and Security Challenges

As a multitenant cloud service model, serverless computing is susceptible to security threats that can be divided into five categories based on where they are launched. The first category consists of external attacks on applications from malicious users (①), such as cross-site scripting attacks and injection attacks. Due to the unlimited scalability and the pay-as-you-go feature of serverless computing, denial of service attacks will lead to a substantial increase in the cost to application owners. The second comprises internal attacks on applications from malicious insiders (②), such as illegal internal access and sniffing attacks. Adversaries in the internal network can even perceive sensitive information from the communication pattern and activity level of functions. For example, in a health monitoring application, a particular sequence of
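The cost amplification noted above, where every invocation of an auto-scaling function is billed under pay-as-you-go, can be detected by baselining per-minute invocation counts and attaching the billed GB-seconds of each anomalous minute. This is an added example, not code from the paper; the log format, the function name, and the per-GB-second price are constructed assumptions.

```python
import re
from collections import defaultdict
from statistics import median

# Constructed invocation records (assumed format, not any real platform's
# log): start time, function name, billed duration and memory size.
SAMPLE_LOG = """\
2021-05-25T10:00:03Z fn=resize-image dur_ms=120 mem_mb=256
2021-05-25T10:00:41Z fn=resize-image dur_ms=130 mem_mb=256
2021-05-25T10:01:12Z fn=resize-image dur_ms=118 mem_mb=256
2021-05-25T10:01:55Z fn=resize-image dur_ms=125 mem_mb=256
2021-05-25T10:02:07Z fn=resize-image dur_ms=121 mem_mb=256
2021-05-25T10:02:30Z fn=resize-image dur_ms=129 mem_mb=256
""" + "".join(  # 40 slow invocations in minute 10:03 simulate a request flood
    f"2021-05-25T10:03:{s:02d}Z fn=resize-image dur_ms=3000 mem_mb=256\n"
    for s in range(0, 60, 3) for _ in range(2)
)
LINE_RE = re.compile(r"^(?P<minute>\d{4}-\d\d-\d\dT\d\d:\d\d):\d\dZ "
                     r"fn=(?P<fn>\S+) dur_ms=(?P<dur>\d+) mem_mb=(?P<mem>\d+)$")
GB_SECOND_PRICE = 0.0000166667  # assumed price per GB-second (placeholder)

def per_minute_usage(log_text):
    """Count invocations and billed GB-seconds per (function, minute)."""
    usage = defaultdict(lambda: {"count": 0, "gb_s": 0.0})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # tolerate malformed lines instead of aborting the scan
        entry = usage[(m["fn"], m["minute"])]
        entry["count"] += 1
        entry["gb_s"] += int(m["dur"]) / 1000 * int(m["mem"]) / 1024
    return dict(usage)

def denial_of_wallet_alerts(log_text, factor=5.0, min_minutes=3):
    """Flag minutes whose invocation count exceeds factor x the function's
    median per-minute count, with the billed cost of that minute."""
    per_fn = defaultdict(dict)
    for (fn, minute), stats in per_minute_usage(log_text).items():
        per_fn[fn][minute] = stats
    alerts = []
    for fn, minutes in per_fn.items():
        if len(minutes) < min_minutes:
            continue  # too little history to establish a baseline
        baseline = median(s["count"] for s in minutes.values())
        for minute, s in sorted(minutes.items()):
            if s["count"] > factor * baseline:
                alerts.append({"fn": fn, "minute": minute, "count": s["count"],
                               "est_cost_usd": round(s["gb_s"] * GB_SECOND_PRICE, 6)})
    return alerts
```

A median baseline over a long window resists skew from a single burst; in production the baseline would be computed per function over days of history and paired with a platform-side concurrency or budget cap.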