On automated RBAC assessment by constructing a centralized perspective for microservice mesh
Result identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14330%2F21%3A00121079" target="_blank" >RIV/00216224:14330/21:00121079 - isvavai.cz</a>
Result on the web
<a href="https://peerj.com/articles/cs-376/" target="_blank" >https://peerj.com/articles/cs-376/</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.7717/peerj-cs.376" target="_blank" >10.7717/peerj-cs.376</a>
Alternative languages
Result language
English
Title in original language
On automated RBAC assessment by constructing a centralized perspective for microservice mesh
Result description in original language
It is important in software development to enforce proper restrictions on protected services and resources. Typically software services can be accessed through REST API endpoints where restrictions can be applied using the Role-Based Access Control (RBAC) model. However, RBAC policies can be inconsistent across services, and they require proper assessment. Currently, developers use penetration testing, which is a costly and cumbersome process for a large number of APIs. In addition, modern applications are split into individual microservices and lack a unified view in order to carry out automated RBAC assessment. Often, the process of constructing a centralized perspective of an application is done using Systematic Architecture Reconstruction (SAR). This article presents a novel approach to automated SAR to construct a centralized perspective for a microservice mesh based on their REST communication pattern. We utilize the generated views from SAR to propose an automated way to find RBAC inconsistencies.
Title in English
On automated RBAC assessment by constructing a centralized perspective for microservice mesh
Result description in English
It is important in software development to enforce proper restrictions on protected services and resources. Typically software services can be accessed through REST API endpoints where restrictions can be applied using the Role-Based Access Control (RBAC) model. However, RBAC policies can be inconsistent across services, and they require proper assessment. Currently, developers use penetration testing, which is a costly and cumbersome process for a large number of APIs. In addition, modern applications are split into individual microservices and lack a unified view in order to carry out automated RBAC assessment. Often, the process of constructing a centralized perspective of an application is done using Systematic Architecture Reconstruction (SAR). This article presents a novel approach to automated SAR to construct a centralized perspective for a microservice mesh based on their REST communication pattern. We utilize the generated views from SAR to propose an automated way to find RBAC inconsistencies.
Classification
Type
J<sub>imp</sub> - Article in a periodical indexed in the Web of Science database
CEP field
—
OECD FORD field
10200 - Computer and information sciences
Result continuities
Project
—
Continuities
S - Specific research at universities
Other
Year of implementation
2021
Data confidentiality code
S - Complete and true data on the project are not subject to protection under special legal regulations
Data specific to the result type
Periodical name
PeerJ Computer Science
ISSN
2376-5992
e-ISSN
—
Periodical volume
7
Issue of the periodical within the volume
e376
Publisher country
US - United States of America
Number of pages
24
Pages from-to
1-24
UT WoS code of the article
000616121200001
EID of the result in the Scopus database
2-s2.0-85101294481