Abstract
Serverless computing is a new cloud service model that reduces both cloud providers' and consumers' costs through agile development, operation, and charging mechanisms. It has been widely applied since its emergence. Nevertheless, some characteristics of serverless computing, such as fragmented application boundaries, have raised new security challenges. Considerable literature has been committed to addressing these challenges. Commercial and open-source serverless platforms implement many security measures to enhance serverless environments. This paper presents the first survey of serverless security that considers both the literature and industrial security measures. We summarize the primary security challenges, analyze corresponding solutions from the literature and industry, and identify potential research opportunities. Then, we conduct a gap analysis of the academic and industrial solutions, as well as commercial and open-source serverless platforms' security capabilities. Finally, we present a complete picture of current serverless security research.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
