Leveraging Service Mesh and Security Standards: Implementing FIPS in Cloud-Based Services

• Author(s): Ravi Laudya ; Vanitha Sivasankaran Balasubramaniam ; Niharika Singh ; Phanindra Kumar ; Om Goel; Prof. (Dr) Sandeep Kumar
• Paper ID: 1702933
• Page: 197-218
• Published Date: 09-11-2024
• Published In: Iconic Research And Engineering Journals
• Publisher: IRE Journals
• e-ISSN: 2456-8880
• Volume/Issue: Volume 5 Issue 4 October-2021

Abstract

In modern cloud-based infrastructures, seamless communication and security are paramount for ensuring efficient service delivery. Leveraging service mesh technology provides a powerful way to manage inter-service communication across distributed cloud environments. This approach enables service discovery, load balancing, traffic management, and observability while enhancing security through zero-trust principles. However, implementing Federal Information Processing Standards (FIPS) within these systems adds a critical layer of compliance to meet regulatory requirements, particularly for government and highly regulated industries. This paper explores the integration of service mesh with FIPS-compliant security mechanisms to address data integrity, confidentiality, and authentication challenges in cloud environments. Key components, such as mutual TLS (mTLS), policy-driven encryption, and certificate management, are evaluated to demonstrate how service mesh can align with FIPS mandates. Additionally, the paper examines methods for integrating FIPS-compliant cryptographic libraries within cloud services to meet the security needs of sensitive workloads without compromising performance or scalability. The study also discusses the operational challenges and best practices involved in implementing service mesh alongside FIPS standards. Key insights include the importance of automation for secure policy updates, monitoring tools for anomaly detection, and strategies to prevent network-level vulnerabilities. By combining service mesh frameworks with FIPS, cloud service providers can build robust, secure environments capable of maintaining regulatory compliance while offering dynamic, scalable, and resilient architectures. This work concludes with a roadmap for enterprises to adopt these solutions effectively, ensuring that security and compliance can evolve alongside rapid technological advancements in cloud-based services.

Keywords

Service Mesh, Cloud Security, FIPS Compliance, mTLS, Cryptographic Standards, Zero-Trust Architecture, Cloud-Based Services, Secure Communication, Encryption Policies, Regulatory Compliance.

Citations

IRE Journals:
Ravi Laudya , Vanitha Sivasankaran Balasubramaniam , Niharika Singh , Phanindra Kumar , Om Goel; Prof. (Dr) Sandeep Kumar "Leveraging Service Mesh and Security Standards: Implementing FIPS in Cloud-Based Services" Iconic Research And Engineering Journals Volume 5 Issue 4 2021 Page 197-218

IEEE:
Ravi Laudya , Vanitha Sivasankaran Balasubramaniam , Niharika Singh , Phanindra Kumar , Om Goel; Prof. (Dr) Sandeep Kumar "Leveraging Service Mesh and Security Standards: Implementing FIPS in Cloud-Based Services" Iconic Research And Engineering Journals, 5(4)