- Library Home /
- Search Collections /
- Open Collections /
- Browse Collections /
- UBC Theses and Dissertations /
- Automating resource and security configuration of serverless...
Open Collections
UBC Theses and Dissertations
UBC Theses and Dissertations
Automating resource and security configuration of serverless applications Moghimi, Arshia
Abstract
Serverless computing is an emerging paradigm that eases the process of application deployment by removing the burden of infrastructure provisioning, management, and scaling from the developers and letting them focus only on the application logic. However, the current state of serverless is not truly “server-less” as it requires developers to get involved in configuring their applications’ deployment settings; settings that can highly affect the performance, cost, and security of the applications. To name some, developers need to choose the amount of resources allocated to an application, set a proper timeout limit, manually specify the accesses required for its operation, and so on. This thesis takes a step towards enabling a true serverless experience by automating resource configuration and setting security requirements for a serverless application. In the first part of this thesis, we focus on resource allocation for serverless applications. We introduce Parrotfish as a novel tool to rightsize serverless applications. Parrotfish builds accurate performance models for serverless applications that allow us to suggest optimal resource configurations based on the developers’ constraints. The second part of the thesis primarily focuses on automating the security configuration of serverless applications by introducing Growlithe. Growlithe creates an abstract dataflow graph of the serverless application, allowing the tool to generate the required security policies automatically. This dataflow graph also enables fine-grained taint tracking, which can be leveraged to support richer security policies not currently supported by serverless security frameworks. The proposed solutions to automate serverless resource and security configurations contribute to creating a true serverless experience for the developers.
Item Metadata
| Title |
Automating resource and security configuration of serverless applications
|
| Creator | |
| Supervisor | |
| Publisher |
University of British Columbia
|
| Date Issued |
2024
|
| Description |
Serverless computing is an emerging paradigm that eases the process of application deployment by removing the burden of infrastructure provisioning, management, and scaling from the developers and letting them focus only on the application logic. However, the current state of serverless is not truly “server-less” as it requires developers to get involved in configuring their applications’ deployment settings; settings that can highly affect the performance, cost, and security of the applications. To name some, developers need to choose the amount of resources allocated to an application, set a proper timeout limit, manually specify the accesses required for its operation, and so on. This thesis takes a step towards enabling a true serverless experience by automating resource configuration and setting security requirements for a serverless application. In the first part of this thesis, we focus on resource allocation for serverless applications. We introduce Parrotfish as a novel tool to rightsize serverless applications. Parrotfish builds accurate performance models for serverless applications that allow us to suggest optimal resource configurations based on the developers’ constraints. The second part of the thesis primarily focuses on automating the security configuration of serverless applications by introducing Growlithe. Growlithe creates an abstract dataflow graph of the serverless application, allowing the tool to generate the required security policies automatically. This dataflow graph also enables fine-grained taint tracking, which can be leveraged to support richer security policies not currently supported by serverless security frameworks. The proposed solutions to automate serverless resource and security configurations contribute to creating a true serverless experience for the developers.
|
| Genre | |
| Type | |
| Language |
eng
|
| Date Available |
2024-09-26
|
| Provider |
Vancouver : University of British Columbia Library
|
| Rights |
Attribution-NonCommercial-NoDerivatives 4.0 International
|
| DOI |
10.14288/1.0445464
|
| URI | |
| Degree | |
| Program | |
| Affiliation | |
| Degree Grantor |
University of British Columbia
|
| Graduation Date |
2024-11
|
| Campus | |
| Scholarly Level |
Graduate
|
| Rights URI | |
| Aggregated Source Repository |
DSpace
|
Item Media
Item Citations and Data
Rights
Attribution-NonCommercial-NoDerivatives 4.0 International