Model-Driven End-to-End Resolution of Security Smells in Microservice Architectures

Philip Wizenty; Francisco Ponce; Francisco Ponce; Florian Rademacher; Jacopo Soldani; Hernán Astudillo; Hernán Astudillo; Antonio Brogi; Sabine Sachweh

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

Model-Driven End-to-End Resolution of Security Smells in Microservice Architectures

Topics: Microservices; Microservices: Automation, Deployment and Management, Resource Allocation Elasticity, Service State and Resilience; Service Modeling and Specification; Service-Oriented Architecture; Services Security and Reliability

In Proceedings of the 14th International Conference on Cloud Computing and Services Science CLOSER - Volume 1, 204-215, 2024 , Angers, France

Authors: Philip Wizenty ¹ ; Francisco Ponce ^{2

;

3} ; Florian Rademacher ¹ ; Jacopo Soldani ⁴ ; Hernán Astudillo ^{2

;

3} ; Antonio Brogi ⁴ and Sabine Sachweh ¹

Affiliations: ¹ IDiAL Institute, University of Applied Sciences and Arts Dortmund, Germany ; ² Universidad Técnica Federico Santa María, Valparaíso, Chile ; ³ ITiSB, Universidad Andrés Bello, Viña del Mar, Chile ; ⁴ University of Pisa, Pisa, Italy

Keyword(s): Microservice Architecture, Model-Driven Engineering, Security, Refactoring.

Abstract: Microservice Architecture (MSA) is a popular approach to designing, implementing, and deploying complex software systems. However, MSA introduces inherent challenges associated with distributed systems—one of them is the detection and mitigation of security smells. This paper draws on recent works that identified and categorized security smells in MSAs to propose a novel end-to-end approach for resolving security smells in existing MSAs. To this end, the presented approach extends a modeling ecosystem for MSAs with (i) reconstruction capabilities that automatically map MSA source code to viewpoint-specific architecture models; (ii) validations that detect security smells from reconstructed models; and (iii) model refactorings that support the interactive resolution of security smells and solutions’ reflection back to source code. Our approach allows for (i) uncovering security smells, which originate from the combination of different places in source code with possibly heterogeneous purposes, technologies, and software languages; as well as (ii) clustering, reifying, and fixing smells using a level of abstraction that is directed towards MSA stakeholders. The applicability and effectiveness of our approach are evaluated utilizing a standard case study from MSA research. (More)

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 3.149.237.231

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Wizenty, P.; Ponce, F.; Rademacher, F.; Soldani, J.; Astudillo, H.; Brogi, A. and Sachweh, S. (2024). Model-Driven End-to-End Resolution of Security Smells in Microservice Architectures. In Proceedings of the 14th International Conference on Cloud Computing and Services Science - CLOSER; ISBN 978-989-758-701-6; ISSN 2184-5042, SciTePress, pages 204-215. DOI: 10.5220/0012671700003711

@conference{closer24,
author={Philip Wizenty. and Francisco Ponce. and Florian Rademacher. and Jacopo Soldani. and Hernán Astudillo. and Antonio Brogi. and Sabine Sachweh.},
title={Model-Driven End-to-End Resolution of Security Smells in Microservice Architectures},
booktitle={Proceedings of the 14th International Conference on Cloud Computing and Services Science - CLOSER},
year={2024},
pages={204-215},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012671700003711},
isbn={978-989-758-701-6},
issn={2184-5042},
}

TY - CONF

JO - Proceedings of the 14th International Conference on Cloud Computing and Services Science - CLOSER
TI - Model-Driven End-to-End Resolution of Security Smells in Microservice Architectures
SN - 978-989-758-701-6
IS - 2184-5042
AU - Wizenty, P.
AU - Ponce, F.
AU - Rademacher, F.
AU - Soldani, J.
AU - Astudillo, H.
AU - Brogi, A.
AU - Sachweh, S.
PY - 2024
SP - 204
EP - 215
DO - 10.5220/0012671700003711
PB - SciTePress