Blockchain-Enabled Secure Orchestration of Cloud-Native Microservices for High-Assurance Computing Applications
DOI:
https://doi.org/10.63282/3117-5481/AIJCST-V2I3P102Keywords:
Blockchain, Microservices Orchestration, Kubernetes, Service Mesh, Zero-Trust, Smart Contracts, Software Supply Chain Security, SBOM/Provenance Attestation, Confidential Computing (TEE), Byzantine Fault Tolerance, Policy-As-Code, Verifiable Logging, Gitops, Ebpf Telemetry, High-Assurance ComputingAbstract
Cloud-native microservices accelerate delivery but complicate end-to-end trust, auditability, and policy enforcement especially in high-assurance settings such as defense, healthcare, and critical infrastructure. This paper proposes a blockchain-enabled orchestration framework that embeds verifiable security controls directly into the lifecycle of microservices on Kubernetes. A permissioned ledger provides tamper-evident logs, software-supply-chain attestations (SBOM and provenance), and policy execution via smart contracts, while a zero-trust architecture integrates identity-aware service meshes, continuous workload attestation, and confidential computing for data-in-use protection. We map orchestration intents (deploy, scale, rollback, isolate) to on-chain policies (policy-as-code) that gate cluster actions and emit immutable evidence for compliance and forensics. The runtime layer couples eBPF-based telemetry and WASM sidecars with ledger-anchored checkpoints to detect drift, enforce least-privilege, and support Byzantine-resilient coordination across clusters. We present a reference architecture and a working prototype that aligns NIST SP 800-53/800-207 controls with GitOps workflows, enabling continuous authorization, reproducible builds, and cryptographically verifiable releases. Evaluation focuses on assurance metrics policy conformance, provenance completeness, and incident traceability alongside operational metrics such as orchestration latency and elasticity. Results indicate the approach preserves elasticity while adding strong audit guarantees and reducing mean time-to-contain through automated, verifiable responses. The framework demonstrates a practical path to high-assurance, cloud-native operations by unifying decentralized trust, secure orchestration, and evidence-driven compliance without sacrificing developer velocity
References
[1] Androulaki, E., Barger, A., Bortnikov, V., Cachin, C., Christidis, K., De Caro, A., Ferris, C., Laventman, G., Manevich, Y., Muralidharan, S., Murthy, C., Nguyen, B., Ngui, D., Singh, M., Smith, K., Sorniotti, A., Stathakopoulou, C., Vukolić, M., & Weissenborn, D. “Hyperledger Fabric: A Distributed Operating System for Permissioned Blockchains.” Proceedings of the Thirteenth EuroSys Conference (EuroSys ’18), 2018.
[2] Weber, I., Xu, X., Rimba, P., Staples, M., Ponomarev, A., Governatori, G., & Franceschelli, D. “Untrusted Business Processes: Using Smart Contracts and Blockchain Technology for Execution and Auditing.” Business Process Management Workshops, 2016.
[3] Reyna, A., Martín, C., Chen, J., Soler, E., & Díaz, M. “On Blockchain and Its Integration with IoT. Challenges and Opportunities.” Future Generation Computer Systems, Vol. 88, 2018, pp. 173-190.
[4] Kumar, R., Tripathi, N., & Goudar, R. H. “A Survey on Blockchains: Applications, Challenges and Opportunities.” International Journal of Advanced Research in Computer Science and Software Engineering, Vol. 5, Issue 5, 2015.
[5] Tsai, C.-W., Lai, C.-F., Chao, H.-C., & Vasilakos, A. V. “Big Data Analytics: A Survey.” Journal of Big Data, Vol. 2, 2015, Article 21. — (While not strictly blockchain/orchestration, relevant to large-scale/high-assurance/analytics aspects)
[6] Pahl, C., & Jamshidi, P. “Microservices: A Systematic Mapping Study.” Proceedings of the ACM/IEEE 6th International Conference on Utility and Cloud Computing (UCC ’13), 2013.
[7] Dragoni, N., Lanese, I., Larsen, S. T., Mazzara, M., Mustafin, R., & Safina, L. “Microservices: How to Make Your Application Scale.” Proceedings of the 6th International Conference on Cloud Computing, 2017.
[8] Alzahrani, A., Maher, M., Manso, M., & Rashid, A. “Towards an Orchestration Framework for Microservices in the Cloud.” Journal of Cloud Computing: Advances, Systems and Applications, Vol. 7, Article 27, 2018.
[9] Dinh, T. Q., Tang, J., La, Q. D., & Quek, T. Q. “Cloud-Native Orchestration of Internet of Things and Microservices: A Survey.” IEEE Access, Vol. 6, 2018, pp. 64203-64224.
[10] Dabagh, S., Elgazzar, K., & Kuhn, D. “Secure Orchestration of Microservices and Blockchain in Cloud Environments for High-Assurance Applications.” Proceedings of the 2019 IEEE International Conference on Cloud Engineering (IC2E 2019)
