TY - GEN
T1 - Model-Driven Security Smell Resolution in Microservice Architecture Using LEMMA
AU - Wizenty, Philip
AU - Ponce, Francisco
AU - Rademacher, Florian
AU - Soldani, Jacopo
AU - Astudillo, Hernán
AU - Brogi, Antonio
AU - Sachweh, Sabine
N1 - Publisher Copyright:
© The Author(s), under exclusive license to Springer Nature Switzerland AG 2024.
PY - 2024
Y1 - 2024
N2 - Effective security measures are crucial for modern Microservice Architecture (MSA)-based applications as many IT companies rely on microservices to deliver their business functionalities. Security smells may indicate possible security issues. However, detecting security smells and devising strategies to resolve them through refactoring is difficult and expensive, primarily due to the inherent complexity of microservice architectures. This paper proposes a Model-driven approach to resolving security smells in MSA. The proposed method uses LEMMA as a concrete approach to model microservice applications. We extend LEMMA’s functionalities to enable the modeling of microservices’ security aspects. With the proposed method, LEMMA models can be processed to automatically detect security smells and recommend the refactorings that resolve the identified security smells. To test the effectiveness of the proposed method, the paper introduces a proof-of-concept implementation of the proposed LEMMA-based, automated microservices’ security smell detection and refactoring.
AB - Effective security measures are crucial for modern Microservice Architecture (MSA)-based applications as many IT companies rely on microservices to deliver their business functionalities. Security smells may indicate possible security issues. However, detecting security smells and devising strategies to resolve them through refactoring is difficult and expensive, primarily due to the inherent complexity of microservice architectures. This paper proposes a Model-driven approach to resolving security smells in MSA. The proposed method uses LEMMA as a concrete approach to model microservice applications. We extend LEMMA’s functionalities to enable the modeling of microservices’ security aspects. With the proposed method, LEMMA models can be processed to automatically detect security smells and recommend the refactorings that resolve the identified security smells. To test the effectiveness of the proposed method, the paper introduces a proof-of-concept implementation of the proposed LEMMA-based, automated microservices’ security smell detection and refactoring.
KW - Bad smells
KW - Microservice architecture
KW - Model-driven engineering
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=85195272553&partnerID=8YFLogxK
U2 - 10.1007/978-3-031-61753-9_3
DO - 10.1007/978-3-031-61753-9_3
M3 - Conference contribution
AN - SCOPUS:85195272553
SN - 9783031617522
T3 - Communications in Computer and Information Science
SP - 29
EP - 49
BT - Software Technologies - 18th International Conference, ICSOFT 2023, Revised Selected Papers
A2 - Fill, Hans-Georg
A2 - Domínguez Mayo, Francisco José
A2 - van Sinderen, Marten
A2 - Maciaszek, Leszek A.
PB - Springer Science and Business Media Deutschland GmbH
T2 - 18th International Conference on Software Technologies, ICSOFT 2023
Y2 - 10 July 2023 through 12 July 2023
ER -