Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore a 15-minute conference presentation from OOPSLA 2025 that introduces SafeTree, a novel approach for enforcing expressive tree-based policies in microservice architectures. Learn how current microservice deployment tools are limited to single-hop policies that can be overly permissive by ignoring the rich service tree structure of microservice calls. Discover the design of an expressive policy language that can specify service tree structures and understand how a visibly pushdown automata-based dynamic enforcement mechanism works to enforce these policies. Examine the non-invasive implementation approach that requires no changes to service implementations or access to microservice code, built as a runtime monitor on top of service mesh infrastructure. See how the researchers leverage Istio's programmable network traffic filtering capabilities to create an online and distributed monitoring system. Review experimental results demonstrating that the monitor can enforce rich safety properties while adding only minimal latency overhead on the order of milliseconds. Gain insights into how this approach provides development and security teams with more fine-grained control over communication patterns in microservice-based applications, addressing important safety property enforcement challenges in distributed systems architecture.
![CNCF [Cloud Native Computing Foundation]](https://www.classcentral.com/cdn-cgi/image/height=40,format=auto,quality=85/images/logos/institutions/cncf-cloud-native-computing-foundation-hz.png){kind=small}
