Downloads: 1
Research Paper | Information Technology | Volume 15 Issue 2, February 2026 | Pages: 1050 - 1055 | United States
Challenges and Best Practices for Security in Serverless Computing Architectures
Abstract: The article is devoted to examining the spectrum of security threats and mitigation practices in serverless computing architectures. The relevance of the study is determined by the rapid proliferation of the FaaS (Function-as-a-Service) paradigm in corporate and industrial environments, which, while preserving the advantages of elastic scalability and cost optimization, gives rise to a qualitatively new class of risks that are uncharacteristic of traditional cloud models. The scientific novelty of the work lies in the systematization of the most relevant threats identified in the period after 2021, as well as in the justification and formalization of the author's three-layer comprehensive security model (Author's 3-Layer Security Model), designed to protect Serverless applications at different stages of their life cycle. The study consistently sets out the conceptual foundations of serverless architecture and analyzes key vulnerabilities determined by the specifics of the shared responsibility model and high functional granularity. Particular emphasis is placed on threats arising from incorrect configuration of access rights and violation of the principle of least privilege, denial-of-service attacks with an economic effect, as well as security breaches in the software supply chain. The aim of the work is to develop a structured methodological approach to reducing aggregate security risks in Serverless environments. To achieve this aim, methods of systematic review, comparative analysis, and data synthesis are employed. The empirical and theoretical basis is formed by publications in leading scientific journals, including IEEE Network and Journal of Information Security and Applications, as well as specialized industry reports, in particular materials of the Cloud Security Alliance. In the final part, conclusions are formulated and a set of practical recommendations aimed at developers and security engineers is consolidated. The results presented are of interest to the professional community in the field of cloud technologies, developers of Serverless applications, and researchers engaged in cybersecurity issues.
Keywords: serverless computing, Serverless, FaaS, security, shared responsibility model, Least Privilege, Denial of Wallet, supply chain security, cloud architectures, cybersecurity
How to Cite?: Praveen Ravula, "Challenges and Best Practices for Security in Serverless Computing Architectures", Volume 15 Issue 2, February 2026, International Journal of Science and Research (IJSR), Pages: 1050-1055, https://www.ijsr.net/getabstract.php?paperid=SR26203163427, DOI: https://dx.dx.doi.org/10.21275/SR26203163427