TY - GEN
T1 - Model-Driven End-to-End Resolution of Security Smells in Microservice Architectures
AU - Wizenty, Philip
AU - Ponce, Francisco
AU - Rademacher, Florian
AU - Soldani, Jacopo
AU - Astudillo, Hernán
AU - Brogi, Antonio
AU - Sachweh, Sabine
N1 - Publisher Copyright: © 2024 by SCITEPRESS – Science and Technology Publications, Lda.
PY - 2024
Y1 - 2024
AB - Microservice Architecture (MSA) is a popular approach to designing, implementing, and deploying complex software systems. However, MSA introduces inherent challenges associated with distributed systems—one of them is the detection and mitigation of security smells. This paper draws on recent works that identified and categorized security smells in MSAs to propose a novel end-to-end approach for resolving security smells in existing MSAs. To this end, the presented approach extends a modeling ecosystem for MSAs with (i) reconstruction capabilities that automatically map MSA source code to viewpoint-specific architecture models; (ii) validations that detect security smells from reconstructed models; and (iii) model refactorings that support the interactive resolution of security smells and solutions’ reflection back to source code. Our approach allows for (i) uncovering security smells, which originate from the combination of different places in source code with possibly heterogeneous purposes, technologies, and software languages; as well as (ii) clustering, reifying, and fixing smells using a level of abstraction that is directed towards MSA stakeholders. The applicability and effectiveness of our approach are evaluated utilizing a standard case study from MSA research.
KW - Microservice Architecture
KW - Model-Driven Engineering
KW - Refactoring
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=85194147280&partnerID=8YFLogxK
U2 - 10.5220/0012671700003711
DO - 10.5220/0012671700003711
M3 - Conference contribution
AN - SCOPUS:85194147280
T3 - International Conference on Cloud Computing and Services Science, CLOSER - Proceedings
SP - 204
EP - 215
BT - Proceedings of the 14th International Conference on Cloud Computing and Services Science, CLOSER 2024
A2 - van Steen, Maarten
A2 - Pahl, Claus
PB - Science and Technology Publications, Lda
T2 - 14th International Conference on Cloud Computing and Services Science, CLOSER 2024
Y2 - 2 May 2024 through 4 May 2024
ER -