Studi Literatur: Strategi Migrasi dan Mekanisme Autentikasi Zero Trust untuk Mengamankan Arsitektur Microservices di Lingkungan Multi-Cloud
Kata Kunci:
Microservices, Multi-Cloud, System Migration, Zero Trust, Cybersecurity, Systematic Literature AnalysisAbstrak
Adopsi arsitektur microservices secara masif telah mendorong banyak organisasi untuk bermigrasi dari sistem monolitik menuju ekosistem terdistribusi yang dijalankan lintas beberapa penyedia layanan cloud (multi-cloud), guna menghindari ketergantungan pada satu vendor, meningkatkan resiliensi, dan memenuhi tuntutan kepatuhan regional. Namun, desentralisasi ini juga memperluas permukaan serangan secara signifikan, terutama pada fase migrasi ketika sistem legacy dan layanan microservices baru berjalan berdampingan dalam kondisi keamanan yang belum sepenuhnya matang, sehingga rentan terhadap pergerakan lateral (lateral movement) dan eskalasi akses oleh pihak yang tidak berwenang. Model keamanan berbasis perimeter tradisional terbukti tidak lagi memadai untuk lingkungan yang dinamis dan terfragmentasi semacam ini. Penelitian ini menggunakan pendekatan Tinjauan Literatur Sistematis (Systematic Literature Review/SLR) untuk mengidentifikasi, mengevaluasi, dan mensintesis berbagai strategi migrasi serta mekanisme keamanan yang relevan dalam mengamankan arsitektur microservices pada lingkungan multi-cloud. Melalui penelusuran literatur dari basis data akademik bereputasi dalam kurun lima tahun terakhir, penelitian ini mengkaji tiga domain mekanisme keamanan utama: service mesh dengan enkripsi mutual TLS (mTLS), otorisasi berbasis token melalui API gateway (OAuth2/JWT), dan arsitektur Zero Trust yang menerapkan verifikasi identitas berkelanjutan pada setiap permintaan layanan. Hasil sintesis menunjukkan bahwa tidak ada satu mekanisme tunggal yang optimal pada seluruh skenario; masing-masing pendekatan menghadirkan trade-off antara kekuatan proteksi, latensi komunikasi antar-layanan, dan kompleksitas operasional lintas-cloud. Penelitian ini turut memetakan kesenjangan riset terkait minimnya kerangka kerja migrasi yang mengintegrasikan keamanan sejak tahap perancangan (security-by-design), serta mengusulkan arah pengembangan menuju arsitektur hibrida adaptif yang menggabungkan keunggulan service mesh dan Zero Trust untuk mendukung migrasi microservices yang aman, efisien, dan dapat diskalakan pada ekosistem multi-cloud generasi mendatang.
Unduhan
Referensi
[1] A. D. Boursianis et al., “Internet of Things (IoT) and Agricultural Unmanned Aerial Vehicles (UAVs) in smart farming: A comprehensive review,” Internet of Things (Netherlands), vol. 18, no. xxxx, p. 100187, 2022, doi: 10.1016/j.iot.2020.100187.
[2] Fauzan Prasetyo Eka Putra, Maktsuful Ghummah, Moh. Amrullah, and Rafli Hidayatullah, “Studi Kinerja Mesh Network untuk Penerapan Internet of Things (IoT) di Lingkungan Perkotaan,” J. Inform. Dan Tekonologi Komput., vol. 5, no. 1, pp. 63–73, 2025, doi: 10.55606/jitek.v5i1.5895.
[3] K. L. G. Snider, R. Shandler, S. Zandani, and D. Canetti, “Cyberattacks, cyber threats, and attitudes toward cybersecurity policies,” J. Cybersecurity, vol. 7, no. 1, pp. 1–11, 2021, doi: 10.1093/cybsec/tyab019.
[4] A. Bagus Prakoso, M. Anugrah Putra, M. Hanif Hilmi, S. Yoma Patria Risky, and J. Maulindar, “Penerapan Algoritma Regresi Random Forest Untuk Prediksi Produksi Jagung Menggunakan Data Statistik Sistem Pertanian Cerdas Smart City,” Pros. Semin. Nas. Teknol. Inf. dan Bisnis, pp. 28–33, 2025, doi: 10.47701/19h5ny78.
[5] S. R. Jena, R. Shanmugam, K. Saini, and S. Kumar, “Cloud Computing Tools: Inside Views and Analysis,” Procedia Comput. Sci., vol. 173, no. 2019, pp. 382–391, 2020, doi: 10.1016/j.procs.2020.06.045.
[6] A. F. Rachman, F. P. E. Putra, S. Syirofi, and D. Wahid, “Case Study of Computer Network Development for the Internet Of Things (IoT) Industry in an Urban Environment,” Brill. Res. Artif. Intell., vol. 4, no. 1, pp. 399–407, 2024, doi: 10.47709/brilliance.v4i1.4302.
[7] M. M. Mijwil, O. J. Unogwu, Y. Filali, I. Bala, and H. Al-Shahwani, “Exploring the Top Five Evolving Threats in Cybersecurity: An In-Depth Overview,” Mesopotamian J. CyberSecurity, vol. 2023, no. 1, pp. 57–63, 2023, doi: 10.58496/MJCS/2023/010.
[8] L. A. Gordon, M. P. Loeb, W. Lucyshyn, and L. Zhou, “Increasing cybersecurity investments in private sector firms,” J. Cybersecurity, vol. 1, no. 1, pp. 3–17, 2015, doi: 10.1093/cybsec/tyv011.
[9] R. D. Gunawan, F. Ariany, and N. Novriyadi, “Implementasi Metode SAW Dalam Sistem Pendukung Keputusan Pemilihan Plano Kertas,” J. Artif. Intell. Technol. Inf., vol. 1, no. 1, pp. 29–38, 2023, doi: 10.58602/jaiti.v1i1.23.
[10] R. A. Prasetyo, “Mengoptimalkan Irigasi Pertanian Cerdas Melalui Internet of Multimedia Things (IoMT) dengan Deteksi Kebutuhan Air Tanaman Berbasis Deep Learning,” J. Inform., vol. 11, no. 1, pp. 1–10, 2020, [Online]. Available: https://www.researchgate.net/publication/376415558
[11] F. P. E. Putra, U. Ubaidi, R. N. Saputra, F. M. Haris, and S. N. R. Barokah, “Application of Internet of Things Technology in Monitoring Water Quality in Fishponds,” Brill. Res. Artif. Intell., vol. 4, no. 1, pp. 356–361, 2024, doi: 10.47709/brilliance.v4i1.4231.
[12] B. Nofrianti, R. S. Hadikusuma, and L. Nurpulaela, “Implementasi Antena Wajanbolic Sebagai Penguat Sinyal Untuk Konsep Pertanian Cerdas Di Pasaman Sumatera Barat Implementation of Wokbolic Antenna As Signal Amplifier for Smart Agriculture Concept in Pasaman, West Sumatera,” Univ. Bunda Mulia, vol. 6, no. 2, pp. 1049–1059, 2021, [Online]. Available: https://doi.org/10.25124/jett.v8i2.4210
[13] P. Asnur, R. Apriyanti, D. Hertinsyana, V. Widi Prabawasari, T. Yuni Gunarto, and B. Haryadi, “Implementasi Pertanian Cerdas Berbasis Internet of Things Di Desa Wisata Mucila-Munjul, Jakarta Timur Implementation of a Smart Farm Based on the Internet of Things in the Village of Wisata Mucila-Munjul, East Jakarta,” J. Pengabdi. Kpd. Masy., vol. 4, pp. 1–7, 2024.
[14] M. F. P. Nugraha, M. Sudiarsa, and E. Y. Setyono, “Analisis Optimasi Waktu Dan Biaya Proyek DenganPenambahan Sumber Daya Menggunakan Metode Time Cost Trade Off,” Jur. Tek. Sipil-PNB, vol. 2, pp. 235–244, 2023.
[15] F. P. E. Putra, M. A. Mahmud, and I. S. Maqom, “Pengembangan Sistem Pemantauan Lingkungan Berbasis Internet of Things (IoT) di Kampus,” Digit. Transform. Technol., vol. 3, no. 2, pp. 996–1001, 2024, doi: 10.47709/digitech.v3i2.3457.
[16] N. Rahmansyah and S. A. Lusinia, Buku Ajar Sistem Pendukung Keputusan. 2016. doi: 10.1063/1.1935433.
[17] S. Savaş and S. Karataş, “Cyber governance studies in ensuring cybersecurity: an overview of cybersecurity governance,” Int. Cybersecurity Law Rev., vol. 3, no. 1, pp. 7–34, 2022, doi: 10.1365/s43439-021-00045-4.
[18] M. Bravetti et al., “A Formal Approach to Microservice Architecture Deployment * To cite this version : HAL Id : hal-03077047 A Formal Approach to Microservice Architecture Deployment ∗,” 2020.
[19] G. De Palma, S. Giallorenzo, M. Trentin, and · Gejsi Vjerdha, “A Framework for Bridging the Gap between Monolithic and Serverless Programming,” 2023, [Online]. Available: https://www.github.com/Gejsi/fenrir.
[20] E. Bobrov et al., “DevOps and its philosophy: Education matters!,” Microservices Sci. Eng., pp. 349–361, 2019, doi: 10.1007/978-3-030-31646-4_14.
[21] H. Song, F. Chauvel, and P. H. Nguyen, “Using microservices to customize multi-tenant software-as-a-service,” Microservices Sci. Eng., no. 1, pp. 299–331, 2019, doi: 10.1007/978-3-030-31646-4_12.
[22] L. Wang and J. Zhao, Architecture of advanced numerical analysis systems: Designing a scientific computing system using OCaml. 2022. doi: 10.1007/978-1-4842-8853-5.
[23] B. Benson and G. Dorai, “Grey Areas of Digital Forensic Tools and a Framework to Solve the IoT Data Forensic Analysis Problems,” pp. 1–4.
[24] D. Taibi, V. Lenarduzzi, and C. Pahl, “Microservices Anti-Patterns : A Taxonomy”.
[25] M. Mazzara, A. Bucchiarone, N. Dragoni, and V. Rivera, “Size matters: Microservices research and applications,” Microservices Sci. Eng., pp. 29–42, 2019, doi: 10.1007/978-3-030-31646-4_2.
[26] H. Monfleur et al., “Towards Concern-Oriented Microservice Architecture To cite this version : HAL Id : hal-04201189 Towards Concern-Oriented Microservice Architecture,” 2023.
[27] F. Jrad, J. Tao, and A. Streit, “A broker-based framework for multi-cloud workflows,” MultiCloud 2013 - Proc. Int. Work. Multi-Cloud Appl. Fed. Clouds, pp. 61–68, 2013, doi: 10.1145/2462326.2462339.
[28] S. S. Gill, “A Manifesto for Modern Fog and Edge Computing: Vision, New Paradigms, Opportunities, and Future Directions,” EAI/Springer Innov. Commun. Comput., no. 2022, pp. 237–253, 2022, doi: 10.1007/978-3-030-74402-1_13.
[29] K. Jeffery, G. Horn, and L. Schubert, “A vision for better cloud applications,” MultiCloud 2013 - Proc. Int. Work. Multi-Cloud Appl. Fed. Clouds, no. 3, pp. 7–12, 2013, doi: 10.1145/2462326.2462329.
[30] C. Canali and R. Lancellotti, “Automatic Virtual Machine Clustering based on Bhattacharyya Distance for Multi-Cloud Systems,” MultiCloud 2013 - Proc. Int. Work. Multi-Cloud Appl. Fed. Clouds, pp. 45–52, 2013, doi: 10.1145/2462326.2462337.
[31] G. Baryannis et al., “Lifecycle management of service-based applications on multi-clouds: A research roadmap,” MultiCloud 2013 - Proc. Int. Work. Multi-Cloud Appl. Fed. Clouds, pp. 13–20, 2013, doi: 10.1145/2462326.2462331.
[32] A. kumar Polinati, “Hybrid Cloud Security: Balancing Performance, Cost, and Compliance in Multi-Cloud Deployments,” Cornell Univ., pp. 1–24, 2025.
[33] F. Paraiso, P. Merle, and L. Seinturier, “Managing elasticity across multiple cloud providers,” MultiCloud 2013 - Proc. Int. Work. Multi-Cloud Appl. Fed. Clouds, pp. 53–60, 2013, doi: 10.1145/2462326.2462338.
[34] A. Gunka, S. Seycek, and H. Kühn, “Moving an application to the cloud - An evolutionary approach,” MultiCloud 2013 - Proc. Int. Work. Multi-Cloud Appl. Fed. Clouds, pp. 35–42, 2013, doi: 10.1145/2462326.2462334.
[35] D. Petcu, “Multi-cloud: Expectations and current approaches,” MultiCloud 2013 - Proc. Int. Work. Multi-Cloud Appl. Fed. Clouds, pp. 1–6, 2013, doi: 10.1145/2462326.2462328.
[36] D. Franceschelli, D. Ardagna, M. Ciavotta, and E. Di Nitto, “SPACE4CLOUD: A tool for system performance and cost evaluation of CLOUD systems,” MultiCloud 2013 - Proc. Int. Work. Multi-Cloud Appl. Fed. Clouds, pp. 27–34, 2013, doi: 10.1145/2462326.2462333.
[37] P. Bar et al., “Towards a monitoring feedback loop for cloud applications,” MultiCloud 2013 - Proc. Int. Work. Multi-Cloud Appl. Fed. Clouds, pp. 43–44, 2013, doi: 10.1145/2462326.2462336.
[38] C. Quinton, N. Haderer, R. Rouvoy, and L. Duchien, “Towards multi-cloud configurations using feature models and ontologies,” MultiCloud 2013 - Proc. Int. Work. Multi-Cloud Appl. Fed. Clouds, pp. 21–26, 2013, doi: 10.1145/2462326.2462332.
[39] K. Delbene, M. Medin, and R. Murray, “The Road to Zero Trust (Security),” Def. Innov. Board, pp. 1–10, 2019, [Online]. Available: https://media.defense.gov/2019/Jul/09/2002155219/-1/-1/0/DIB_THE_ROAD_TO_ZERO_TRUST_(SECURITY)_07.08.2019.PDF
[40] S. Rose, “Planning for a Zero Trust Architecture,” no. December, 2022, [Online]. Available: https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.20.pdf
[41] J. Uddoh, D. Ajiga, B. Okare, T. A.-J. Z. T. Bank, and undefined 2022, “Zero trust architecture models for preventing insider attacks and enhancing digital resilience in banking systems,” Gisrrj.Com, vol. 5, no. 4, pp. 213–230, 2022, [Online]. Available: https://gisrrj.com/paper/GISRRJ225417.pdf
[42] M. M. Mijwil, M. Aljanabi, and A. H. Ali, “ChatGPT: Exploring the Role of Cybersecurity in the Protection of Medical Information,” Mesopotamian J. CyberSecurity, vol. 2023, pp. 18–21, 2023, doi: 10.58496/MJCS/2023/004.
Unduhan
Diterbitkan
Terbitan
Bagian
Lisensi
Hak Cipta (c) 2026 Giovani sapta purnama A, Radhitya Dwi Akmal Purnomo (Penulis)

Artikel ini berlisensi Creative Commons Attribution 4.0 International License.








