Dynamically generating and injecting trusted root certificates
US-10762193-B2 · Sep 1, 2020 · US
US11968233B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11968233-B2 |
| Application number | US-202117333879-A |
| Country | US |
| Kind code | B2 |
| Filing date | May 28, 2021 |
| Priority date | May 28, 2021 |
| Publication date | Apr 23, 2024 |
| Grant date | Apr 23, 2024 |
Official abstract text for this publication.
A trust rule between a first service and a second service in a plurality of services deployed in a distributed system is received; the trust rule defines whether the first service is allowed to access the second service. A trust tree is obtained for the distributed system, and the trust tree comprises a plurality of certificates for accessing the plurality of services. A first group of certificates is selected for the first service based on the trust rule and the trust tree, and the first group of certificates enables the first service to access the second service.
Opening claim text (preview).
What is claimed is:
1. A computer-implemented method comprising: receiving, by one or more processors, a trust rule between a first service and a second service in a plurality of services that are deployed in a distributed system, the trust rule defining whether the first service is allowed to access the second service; obtaining, by the one or more processors, a trust tree for the distributed system, the trust tree comprising a plurality of certificates for accessing the plurality of services, wherein the plurality of services belongs to at least one trust domain in the distributed system, and wherein the obtaining the trust tree comprises generating a leaf node in the trust tree for a service in the plurality of services and a non-leaf node in the trust tree for a trust domain in the at least one trust domain based on a relationship between the plurality of services and the at least one trust domain; and selecting, by the one or more processors, from the plurality of certificates a first group of certificates for the first service based on the trust rule and the trust tree, the first group of certificates enabling the first service to access the second service, wherein the selecting the first group of certificates comprises identifying a target leaf node in the trust tree based on a second position of the second service in the distributed system.
2. The method of claim 1, wherein the leaf node comprises a certificate for identifying the service, and wherein the non-leaf node comprises a certificate for accessing the trust domain.
3. The method of claim 2, wherein the selecting the first group of certificates further comprises: selecting, by the one or more processors, the first group of certificates based on the trust rule and the target leaf node.
4. The method of claim 3, wherein the selecting the first group of certificates based on the trust rule and the target leaf node comprises any of: in response to the trust rule defining that the first service is allowed to access the second service, including, by one or more processors, certificates along a path of the target leaf node into the first group of certificates; and in response to the trust rule defining that the first service is not allowed to access the second service, excluding, by one or more processors, at least one certificate corresponding to a non-leaf node along a path of the target leaf node from the first group of certificates.
5. The method of claim 4, wherein the excluding at least one certificate comprises: in response to determining that the first and second services belong to a trust domain in the plurality of trust domains, adding, by one or more processors, a first isolation trust domain between the trust domain and the first service and a second isolation trust domain between the trust domain and the second service, respectively; and excluding, by the one or more processors, a certificate for the second isolation trust domain from the first group of certificates.
6. The method of claim 3, wherein the selecting the first group of certificates further comprises: identifying, by the one or more processors, a further leaf node in the trust tree based on a first position of the first service in the distributed system; and selecting, by the one or more processors, the first group of certificates based on the trust tree and the further leaf node.
7. The method of claim 1, wherein the trust rule further defines whether the second service is allowed to access the first service, and the method further comprises: selecting, by the one or more processors, a second group of certificates for allocating to the second service from the plurality of certificates based on the trust rule and the trust tree, the second group of certificates enabling the second service to access the first service; and allocating, by the one or more processors, the first group of certificates and the second group of certificates to the first and second services, respectively.
8. The method of claim 7, wherein the allocating the first group of certificates to the first service comprises: encoding, by the one or more processors, the first group of certificates into a first package; and transmitting, by the one or more processors, the first package to the first service such that the first service decodes the first package into the first group of certificates.
9. The method of claim 1, further comprising any of: in response to the trust rule being modified, updating, by one or more processors, the first group of certificates based on the modified trust rule and the trust tree; and in response to a service in the first and second services being migrated into a destination trust domain that is different from a source trust domain to which the service belonged, updating, by one or more processors, the trust tree based on the migrated service.
10. The method of claim 1, wherein the first service and second service belong to a first trust domain and a second trust domain in the at least one trust domain, respectively, the first and second trust domains corresponding to heterogeneous sub-systems comprised in the distributed system, respectively.
11. A computer-implemented system comprising a computer processor coupled to a computer-readable memory unit, wherein the computer processor is an electronic device, the memory unit comprising instructions that, when executed by the computer processor, implement a method comprising: receiving a trust rule between a first service and a second service in a plurality of services that are deployed in a distributed system, the trust rule defining whether the first service is allowed to access the second service; obtaining a trust tree for the distributed system, the trust tree comprising a plurality of certificates for accessing the plurality of services, wherein the plurality of services belongs to at least one trust domain in the distributed system, and wherein the obtaining the trust tree comprises generating a leaf node in the trust tree for a service in the plurality of services and a non-leaf node in the trust tree for a trust domain in the at least one trust domain based on a relationship between the plurality of services and the at least one trust domain; and selecting from the plurality of certificates a first group of certificates for the first service based on the trust rule and the trust tree, the first group of certificates enabling the first service to access the second service, wherein the selecting the first group of certificates comprises identifying a target leaf node in the trust tree based on a second position of the second service in the distributed system.
12. The system of claim 11, wherein the leaf node comprises a certificate for identifying the service, and wherein the non-leaf node comprises a certificate for accessing the trust domain.
13. The system of claim 12, wherein the selecting the first group of certificates further comprises: selecting the first group of certificates based on the trust rule and the target leaf node.
14. The system of claim 13, wherein the selecting the first group of certificates based on the trust rule and the target leaf node comprises any of: in response to the trust rule defining that the first service is allowed to access the second service, including certificates along a path of the target leaf node into the first group of certificates; and in response to the trust rule defining that the first service is not allowed to access the second service, excluding at least one certificate corresponding to a non-leaf node along a path of the target leaf node from the first group of certifica
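The mechanism in claims 1 through 6 (leaf nodes for services, non-leaf nodes for trust domains, a certificate group chosen along the target leaf's path, and isolation domains when a denied pair shares a domain) can be made concrete with a small model. The following is an added example written for this page, not code from the patent or its assignee. It assumes that each node carries a single placeholder certificate identifier, that "excluding at least one non-leaf certificate" means dropping the domain certificate nearest the target leaf, and that a service can reach another only when it holds every domain certificate on that service's root-to-leaf path (a stand-in for chain validation); the deployment it builds is constructed sample data.

```python
"""Certificate-group selection over a trust tree, modelled on claims 1-6 (added example)."""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set


@dataclass
class Node:
    """A trust-tree node: non-leaf nodes are trust domains, leaf nodes are services."""
    name: str
    cert: str                       # placeholder certificate id (constructed, e.g. "cert:org")
    parent: Optional["Node"] = None
    children: List["Node"] = field(default_factory=list)
    is_leaf: bool = False


class TrustTree:
    def __init__(self, root_domain: str) -> None:
        self.nodes: Dict[str, Node] = {}
        self.root = self._add(root_domain, None, is_leaf=False)

    def _add(self, name: str, parent: Optional[Node], is_leaf: bool) -> Node:
        node = Node(name, f"cert:{name}", parent, is_leaf=is_leaf)
        if parent is not None:
            parent.children.append(node)
        self.nodes[name] = node
        return node

    def add_domain(self, name: str, parent: str) -> Node:
        return self._add(name, self.nodes[parent], is_leaf=False)

    def add_service(self, name: str, domain: str) -> Node:
        return self._add(name, self.nodes[domain], is_leaf=True)

    def path(self, name: str) -> List[Node]:
        """Root-to-node path: the certificate chain that identifies `name`."""
        chain, node = [], self.nodes[name]
        while node is not None:
            chain.append(node)
            node = node.parent
        return list(reversed(chain))

    def isolate(self, service: str) -> Node:
        """Insert an isolation trust domain between a service and its domain (claim 5)."""
        leaf = self.nodes[service]
        domain = leaf.parent
        domain.children.remove(leaf)
        iso = self._add(f"iso:{service}", domain, is_leaf=False)
        leaf.parent = iso
        iso.children.append(leaf)
        return iso


def select_certificates(tree: TrustTree, first: str, second: str, allowed: bool) -> Set[str]:
    """Choose the certificate group for `first` under the rule first -> second."""
    own = tree.nodes[first]                  # the further leaf node of claim 6
    target_leaf = tree.nodes[second]         # the target leaf node of claim 1
    excluded: Set[str] = set()
    if not allowed:
        if own.parent is target_leaf.parent:  # same trust domain: split it (claim 5)
            tree.isolate(first)
            excluded.add(tree.isolate(second).cert)
        else:                                 # drop the domain cert nearest the target (claim 4)
            excluded.add(target_leaf.parent.cert)
    # allowed: every certificate along the target leaf's path, plus the caller's own identity
    certs = {node.cert for node in tree.path(second)} | {own.cert}
    return certs - excluded


def can_access(certs: Set[str], tree: TrustTree, second: str) -> bool:
    """Chain check stand-in: all domain certs on `second`'s path must be held."""
    return all(n.cert in certs for n in tree.path(second) if not n.is_leaf)


def build_sample_tree() -> TrustTree:
    """Constructed deployment: one root domain, two sub-domains, three services."""
    tree = TrustTree("org")
    tree.add_domain("payments", "org")
    tree.add_domain("analytics", "org")
    tree.add_service("checkout", "payments")
    tree.add_service("ledger", "payments")
    tree.add_service("report", "analytics")
    return tree


if __name__ == "__main__":
    rules = [("checkout", "ledger", True), ("checkout", "report", False), ("checkout", "ledger", False)]
    for first, second, allowed in rules:
        tree = build_sample_tree()
        group = select_certificates(tree, first, second, allowed)
        print(f"{first}->{second} allowed={allowed}: {sorted(group)} "
              f"reachable={can_access(group, tree, second)}")
```

The third rule is the interesting one: checkout and ledger share the payments domain, so simply withholding the payments certificate would also cut checkout off from its own domain. Isolation domains give each service its own intermediate, and withholding only iso:ledger denies the path while leaving everything else intact. A fresh tree is built per rule because isolation mutates the tree, which also mirrors claim 9's point that a rule change means re-selecting the group.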
for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title
involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements (network architectures or network communication protocols for supporting authentication of entities using certificates in a packet data network H04L63/0823) · CPC title
for controlling access to devices or network resources · CPC title
using certificates (cryptographic mechanisms or cryptographic arrangements for entity authentication involving certificates H04L9/3263) · CPC title
Entity profiles · CPC title