Fine-Grained Access Control for Microservices

Antonio, Nehme and Vitor, Jesus and Khaled, Mahbub and Ali, Abdallah (2018) Fine-Grained Access Control for Microservices. In: FPS 2018, 13-15 November 2018, Montréal Canada.

Preview

Text
Fine-Grained Access Control for Microservices.pdf - Accepted Version
Download (808kB)

Abstract

Microservices-based applications are considered to be a promising paradigm for building large-scale digital systems due to its flexibility, scalability, and agility of development. To achieve the adoption of digital services, applica-tions holding personal data must be secure while giving end-users as much control as possible. On the other hand, for software developers, adoption of a security solution for microservices requires it to be easily adaptable to the application context and requirements while fully exploiting reusability of se-curity components. This paper proposes a solution that targets key security challenges of microservice-based applications. Our approach relies on a co-ordination of security components, and offers a fine-grained access control in order to minimise the risks of token theft, session manipulation, and a ma-licious insider; it also renders the system resilient against confused deputy at-tacks. This solution is based on a combination of OAuth 2 and XACML open standards, and achieved through reusable security components integrat-ed with microservices.

Item Type:	Conference or Workshop Item (Paper)
Dates:	Date Event 23 October 2018 Accepted
Subjects:	CAH11 - computing > CAH11-01 - computing > CAH11-01-01 - computer science
Divisions:	Faculty of Computing, Engineering and the Built Environment > College of Computing
Depositing User:	Antonio Nehme
Date Deposited:	10 Jan 2019 13:27
Last Modified:	22 Mar 2023 12:01
URI:	https://www.open-access.bcu.ac.uk/id/eprint/6765