Abstract:
Microservices architecture has become one of the most prominent software architectures in the software development processes due to its features such as scalability, maintainability, resilience, and composability. It allows developing business applications in a decentralized manner by dividing the important business logic into separate independent services. Digital certificates are used to verify the identity of microservices in most cases. However, the certificate authorities (CA) who issue the certificates to microservices cannot be trusted always since they can issue certificates without the consent of the relevant microservice. Nevertheless, existing implementations of certificate transparency are mostly centralized and has the vulnerability of the single point of failure. The distributed ledger technologies such as blockchain can be used to achieve decentralized nature in certificate transparency implementations. A blockchain-based decentralized certificate transparency system specified for microservices architecture is proposed in this paper to ensure secure communication among services. After the implementation and deployment in a cloud service, the system expressed average certificate querying time of 643 milliseconds along with the highly secured service provided.