Please visit owncloud.com/infinite-scale for more details on ownCloud Infinite Scale, installation options for the tech preview, and ways to contribute!
With ownCloud Infinite Scale, we had the chance to start on a green field. The only constraint was to maintain API compatibility with ownCloud 10. This enabled us to go all in with new technologies and build a new architecture. We decided to go with the microservice architecture mainly to fulfill a growing demand for scalability while also increasing the security of our platform. These security improvements can be grouped into five main aspects:
Smaller attack surfaces
By using the microservice architecture, we break up the platform into many small services which communicate with each other via their defined APIs. Since we can split the services by their responsibilities, the resulting APIs can be rather small. This in turn makes them easier to review and maintain. Errors in logic or design can thus be spotted earlier.
The ownCloud Infinite Scale services include an API gateway, similar to a proxy service. One of that gateway's tasks is to check whether requests are authenticated. With this design, the other services only need to be reachable by services inside the network and are not exposed to public access, which reduces the attack surface.
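The gateway pattern described above, sketched in Go as an added example (this is not ownCloud Infinite Scale code). The header name `X-Verified-User`, the token table and the `/files` service are hypothetical, constructed for illustration; the point is that the gateway must discard any identity header sent by the client and set it only after the token has been verified.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/http/httputil"
	"net/url"
	"strings"
)

// userHeader is a hypothetical header carrying the gateway-verified identity inward.
const userHeader = "X-Verified-User"
// sessions is a constructed token table standing in for a real identity provider.
var sessions = map[string]string{"constructed-token-alice": "alice"}

// NewGateway authenticates every request before proxying it to the internal service.
func NewGateway(backend *url.URL) http.Handler {
	proxy := httputil.NewSingleHostReverseProxy(backend)
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		// Drop any identity the client tried to assert for itself.
		r.Header.Del(userHeader)
		auth := r.Header.Get("Authorization")
		user, known := sessions[strings.TrimPrefix(auth, "Bearer ")]
		if !strings.HasPrefix(auth, "Bearer ") || !known {
			http.Error(w, "unauthenticated", http.StatusUnauthorized)
			return
		}
		r.Header.Set(userHeader, user) // set only after verification
		proxy.ServeHTTP(w, r)
	})
}

// Probe sends one request through the gateway to a constructed loopback-only service.
func Probe(authz, spoofedUser string) (int, string) {
	internal := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprintf(w, "files of %s", r.Header.Get(userHeader))
	}))
	defer internal.Close()
	backend, _ := url.Parse(internal.URL)
	req := httptest.NewRequest("GET", "/files", nil)
	req.Header.Set("Authorization", authz)
	req.Header.Set(userHeader, spoofedUser)
	rec := httptest.NewRecorder()
	NewGateway(backend).ServeHTTP(rec, req)
	return rec.Code, rec.Body.String()
}

func main() { fmt.Println(Probe("Bearer constructed-token-alice", "mallory")) }
```

The internal service trusts the header without checking it, so this arrangement is only safe while that service is unreachable from outside the network.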
Separation of concerns
Since services are created to assume specific responsibilities, each service only needs access to the data relevant for doing its job. In case one service has a vulnerability and gets hacked, the extent of data compromised would be a lot smaller compared to a monolithic system.
There are a few things that make the extension system for ownCloud Infinite Scale more secure compared to ownCloud 10 apps. First, extensions themselves are services which can be deployed in addition to the core ownCloud Infinite Scale services. Second, they don’t need to be run on the same host as the ownCloud Infinite Scale core services. Third, they also communicate only via APIs. This way, attackers can’t just circumvent access control by accessing the data directly. And fourth, DoS attacks that target extensions become considerably harder, since even if one extension can be crashed, this doesn’t pull the whole system down like it would in a monolithic system.
Defense in depth
These days, there is more to security than just having strong passwords and a firewall in front of your network. One main concept is defense in depth. It simply means that even if one layer is breached, say an attacker got into your network, there are still additional mechanisms in place to protect your data. One of those mechanisms is encrypting both the communication between the services and the stored data.
Security is an important aspect of our development lifecycle. We always think hard about the security implications of new features. In addition to our code reviews, we use automatic, continuous tools to scan our code and dependencies for potential risks, so that we can fix them early. I hope I could give you a helpful overview of our comprehensive efforts to make security a main focus of our new platform.
We would love to receive your questions and feedback about this and other aspects of ownCloud Infinite Scale on our community forum at central.owncloud.org!