Fine-Grained Access Control for Microservices

Antonio, Nehme and Vitor, Jesus and Khaled, Mahbub and Ali, Abdallah (2018) Fine-Grained Access Control for Microservices. In: FPS 2018, 13-15 November 2018, Montréal Canada.

Fine-Grained Access Control for Microservices.pdf - Accepted Version

Download (808kB)


Microservices-based applications are considered to be a promising paradigm for building large-scale digital systems due to its flexibility, scalability, and agility of development. To achieve the adoption of digital services, applica-tions holding personal data must be secure while giving end-users as much control as possible. On the other hand, for software developers, adoption of a security solution for microservices requires it to be easily adaptable to the application context and requirements while fully exploiting reusability of se-curity components. This paper proposes a solution that targets key security challenges of microservice-based applications. Our approach relies on a co-ordination of security components, and offers a fine-grained access control in order to minimise the risks of token theft, session manipulation, and a ma-licious insider; it also renders the system resilient against confused deputy at-tacks. This solution is based on a combination of OAuth 2 and XACML open standards, and achieved through reusable security components integrat-ed with microservices.

Item Type: Conference or Workshop Item (Paper)
23 October 2018Accepted
Subjects: CAH11 - computing > CAH11-01 - computing > CAH11-01-01 - computer science
Divisions: Faculty of Computing, Engineering and the Built Environment > School of Computing and Digital Technology
Depositing User: Antonio Nehme
Date Deposited: 10 Jan 2019 13:27
Last Modified: 22 Mar 2023 12:01

Actions (login required)

View Item View Item


In this section...