Serverless computing: a security perspective

Eduard Marin*, Diego Perino, Roberto Di Pietro

*Corresponding author for this work

Research output: Contribution to journalReview articlepeer-review

6 Scopus citations


In this article we review the current serverless architectures, abstract and categorize their founding principles, and provide an in-depth security analysis. In particular, we: show the security shortcomings of the analyzed serverless architectural paradigms; point to possible countermeasures; and, highlight several research directions for practitioners, Industry, and Academia.

Original languageEnglish (US)
Article number69
JournalJournal of Cloud Computing
Issue number1
StatePublished - Dec 2022

Bibliographical note

Funding Information:
The research leading to these results have received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreements No 871793 (Accordion), No 101016509 (Charity), No 101070473 (FLUIDOS) and No 101070516 (Nebulous). This publication was also partially supported by the award NPRP-S-11-0109-180242 from the QNRF-Qatar National Research Fund, a member of The Qatar Foundation. The findings reported herein are solely responsibility of the authors.

Publisher Copyright:
© 2022, The Author(s).


  • Architectures
  • Cloud computing
  • Security
  • Serverless computing
  • Threat models
  • Vulnerabilities

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications


Dive into the research topics of 'Serverless computing: a security perspective'. Together they form a unique fingerprint.

Cite this