Method and system for privacy-preserving workflow validations in serverless clouds

Abstract

State of the art approaches used to address security aspects in serverless platforms perform workflow validations on an end to end flow, however, this cannot prevent attacks targeted at intermediate function calls in the workflow. Further, the existing systems store policy data in insecure manner, which causes security issues. The disclosure herein generally relates to serverless clouds, and, more particularly, to a method and system for privacy-preserving workflow validations in serverless clouds. The system stores policy data in a secured/encrypted manner. The system also performs validations at different levels, at a first level to allow/deny access at an ingress point, and at a second level to allow/deny access at critical intermediate points. This approach thus provides safety against attacks that may have been initiated post initial validation, and offers added data security.

CPC Classifications