Behavioral Authorization for Service Mesh
Updated Nov. 19 2020

Kubernetes is considered the de-facto operating system for orchestrating containers in the cloud. However, there are few controls for inter-service communication, and the ability to identify bad actors is an impossible task for humans. Dr. Kainth’s Indie Dev project is building a behavior-based continuous authorization service. The project controls mesh behavior across services running within the environment for real-time authorization.
Solution Overview

The “Machine Identity Management System for Microservices”(MIMSM) can be described as an in-mesh “behavior-based continuous authorization” service. This project builds upon the existing Kubernetes & Istio technology stacks. It implements custom “hooks”that can inject specific “actions” into the control planes in response to the behavior of the various actors and services running within the environment. It will be available with an Apache 2.0 license published to GitHub.