skip to main content
Idioma:
Primo Search
Clear Search Box
Search in: Busca Geral
Busca Avançada
Busca por Índices

Microservice Security Metrics for Secure Communication, Identity Management, and Observability

Zdun, Uwe ; Queval, Pierre-Jean ; Simhandl, Georg ; Scandariato, Riccardo ; Chakravarty, Somik ; Jelic, Marjan ; Jovanovic, Aleksandar

ACM transactions on software engineering and methodology, 2023-02, Vol.32 (1), p.1-34, Article 16 [Periódico revisado por pares]

New York, NY: ACM

Texto completo disponível

Citações Citado por
  • Título:
    Microservice Security Metrics for Secure Communication, Identity Management, and Observability
  • Autor: Zdun, Uwe ; Queval, Pierre-Jean ; Simhandl, Georg ; Scandariato, Riccardo ; Chakravarty, Somik ; Jelic, Marjan ; Jovanovic, Aleksandar
  • Assuntos: Distributed systems organizing principles ; Security and privacy ; Software and its engineering ; Software architectures ; Software security engineering
  • É parte de: ACM transactions on software engineering and methodology, 2023-02, Vol.32 (1), p.1-34, Article 16
  • Descrição: Microservice architectures are increasingly being used to develop application systems. Despite many guidelines and best practices being published, architecting microservice systems for security is challenging. Reasons are the size and complexity of microservice systems, their polyglot nature, and the demand for the continuous evolution of these systems. In this context, to manually validate that security architecture tactics are employed as intended throughout the system is a time-consuming and error-prone task. In this article, we present an approach to avoid such manual validation before each continuous evolution step in a microservice system, which we demonstrate using three widely used categories of security tactics: secure communication, identity management, and observability. Our approach is based on a review of existing security guidelines, the gray literature, and the scientific literature, from which we derived Architectural Design Decisions (ADDs) with the found security tactics as decision options. In our approach, we propose novel detectors to detect these decision options automatically and formally defined metrics to measure the conformance of a system to the different options of the ADDs. We apply the approach to a case study data set of 10 open source microservice systems, plus another 20 variants of these systems, for which we manually inspected the source code for security tactics. We demonstrate and assess the validity and appropriateness of our metrics by performing an assessment of their conformance to the ADDs in our systems’ dataset through statistical methods.
  • Editor: New York, NY: ACM
  • Idioma: Inglês
Voltar para lista de resultados

  • Realização: ABCD-USP USP   Logos de Redes Sociais: Freepik

Buscando em bases de dados remotas. Favor aguardar.