All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”

On automated RBAC assessment by constructing a centralized perspective for microservice mesh

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14330%2F21%3A00121079" target="_blank" >RIV/00216224:14330/21:00121079 - isvavai.cz</a>

  • Result on the web

    <a href="https://peerj.com/articles/cs-376/" target="_blank" >https://peerj.com/articles/cs-376/</a>

  • DOI - Digital Object Identifier

    <a href="http://dx.doi.org/10.7717/peerj-cs.376" target="_blank" >10.7717/peerj-cs.376</a>

Alternative languages

  • Result language

    angličtina

  • Original language name

    On automated RBAC assessment by constructing a centralized perspective for microservice mesh

  • Original language description

    It is important in software development to enforce proper restrictions on protected services and resources. Typically software services can be accessed through REST API endpoints where restrictions can be applied using the Role-Based Access Control (RBAC) model. However, RBAC policies can be inconsistent across services, and they require proper assessment. Currently, developers use penetration testing, which is a costly and cumbersome process for a large number of APIs. In addition, modern applications are split into individual microservices and lack a unified view in order to carry out automated RBAC assessment. Often, the process of constructing a centralized perspective of an application is done using Systematic Architecture Reconstruction (SAR). This article presents a novel approach to automated SAR to construct a centralized perspective for a microservice mesh based on their REST communication pattern. We utilize the generated views from SAR to propose an automated way to find RBAC inconsistencies.

  • Czech name

  • Czech description

Classification

  • Type

    J<sub>imp</sub> - Article in a specialist periodical, which is included in the Web of Science database

  • CEP classification

  • OECD FORD branch

    10200 - Computer and information sciences

Result continuities

  • Project

  • Continuities

    S - Specificky vyzkum na vysokych skolach

Others

  • Publication year

    2021

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Name of the periodical

    PeerJ Computer Science

  • ISSN

    2376-5992

  • e-ISSN

  • Volume of the periodical

    7

  • Issue of the periodical within the volume

    e376

  • Country of publishing house

    US - UNITED STATES

  • Number of pages

    24

  • Pages from-to

    1-24

  • UT code for WoS article

    000616121200001

  • EID of the result in the Scopus database

    2-s2.0-85101294481